[wplug] Disable a user's remote login capability

Tim Lesher tim at lesher.ws
Tue Jan 21 13:56:25 EST 2003


On Tue, Jan 21, 2003 at 12:28:41PM -0500, Scott Eicher wrote:
> 
> I have a shared user id who I would like to disable from being able to login
> remotely. I would like to force users to login under their own user id and
> su to this user. Is there a way to do this in Linux?

You need to configure PAM for the login service you're using.  For
example, if they log in with ssh, add this to /etc/pam.d/sshd (it
should be all one line, no matter what mailers say):

auth required /lib/security/pam_listfile.so onerr=fail item=user
sense=deny file=/etc/sshd.deny

Then create a file called /etc/sshd.deny, and list that user name.

-- 
Tim Lesher <tim at lesher.ws>
http://www.lesher.ws




More information about the wplug mailing list