Re: Limiting Access
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
Peter Good <psgood@petesinternet.net> writes:
> This may sound like a newbie question but, how do i stop a certian group
> from accessing my system via telnet? I've played with PAM to no avail,
> spent the last 3 hours on it in fact. System is 2.2, just need someone
> to point me in the right direction, if anyone can help, plz lemme know,
> it's driving me batty lol.
The way I do it is through NIS. I'm running a NIS server, with maps
for passwd, group and netgroup. If I'm looking to only allow a limited
subset of users to a particular box, I change the local /etc/passwd to:
root:0:.....
+@scooby_login::::::
+::::::/bin/false
You have to make sure that you've got the following entry in
/etc/nsswitch.conf:
passwd: compat
If you want to deny access to a particular netgroup, do the following in
/etc/passwd:
root:0:....
- -@no_login:::::/bin/false
+::::::
That's the idea anyway. For a better explanation, do `man passwd`. :)
- --
Graeme.
graeme+sig@mathie.cx
"Life's not fair," I reply. "But the root password helps." - BOFH
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
iD8DBQE5HBz4PjGH3lNt65URAvZ+AKCYS1W2jg7XfyPTPU1MdAqHdpRngQCffTNQ
NXx9m8da4YJdbm8W+2PA8/0=
=1PYp
-----END PGP SIGNATURE-----
Reply to: