[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Accessing remote machines

You can still use local users even if you use pam (+nsswitch will be necessary). You specify this in nsswitch.conf. Also, you can configure the pam config files so that it allows both local (unix) and ldap users. You shouldnt need to drop the firewall at certain times.


Giacomo A. Catenazzi wrote:


I want to hack PAM authentification in a remote machine (moving to pam_ldap), but I want to be sure to continue to access the machine if something go wrong.

So I ask you: How do you handle special access to remote machines?
For firewall hacking I used 'cron' to disable the firewalls at a specified time, but for PAM it seems some more difficult.

I'm thinking about compiling sshd without PAM support, set some strict rules about who/how can connect, and attach it to a 'private' port. Would this works? I will act as root without problems, also if my PAM rules are wrong?


Please note that this account is being filtered using anti UCE systems. If you send email to this account make sure that it could not be mistaken as UCE.

Reply to: