[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

cvs + pam

I have a cvs server for our local user community which uses ssh
key-based authentication for read/write access to the cvs repository.

We also use ssh + pam on the system to allow the administrators to log
in.  pam_access.so and access.conf is used in /etc/pam.d/sshd to
restrict this list of administrators.  Since cvs is using ssh as a
transport, this is also restricting the users who have access via cvs.
Unfortunately, the list of administrators is different from the list of
cvs users.  Ultimately we want to allow ssh logins with a shell for
administrators only, and ssh access via cvs (but no login shell) to cvs
users only.  Setting the user shells to /sbin/nologin is not an option
because the user accounts are coming from ldap.

How can I configure pam to use two separate access.conf files, one for
admin ssh access and one for cvs ssh access?  Or is there an alternate
way of accomplishing this?


Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]