[wplug] Disable a user's remote login capability
Tim Lesher
tim at lesher.ws
Tue Jan 21 13:56:25 EST 2003
On Tue, Jan 21, 2003 at 12:28:41PM -0500, Scott Eicher wrote:
>
> I have a shared user id who I would like to disable from being able to login
> remotely. I would like to force users to login under their own user id and
> su to this user. Is there a way to do this in Linux?
You need to configure PAM for the login service you're using. For
example, if they log in with ssh, add this to /etc/pam.d/sshd (it
should be all one line, no matter what mailers say):
auth required /lib/security/pam_listfile.so onerr=fail item=user
sense=deny file=/etc/sshd.deny
Then create a file called /etc/sshd.deny, and list that user name.
--
Tim Lesher <tim at lesher.ws>
http://www.lesher.ws
More information about the wplug
mailing list