Re: Limiting Access

To: debian-user@lists.debian.org
Subject: Re: Limiting Access
From: Graeme Mathieson <graeme+from@mathie.cx>
Date: 12 May 2000 16:02:17 +0100
Message-id: <[🔎] sa64s83reva.fsf@scooby.mathie.cx>
References: <[🔎] 391BFAAC.B788B93F@petesinternet.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

Peter Good <psgood@petesinternet.net> writes:

> This may sound like a newbie question but, how do i stop a certian group
> from accessing my system via telnet? I've played with PAM to no avail,
> spent the last 3 hours on it in fact. System is 2.2, just need someone
> to point me in the right direction, if anyone can help, plz lemme know,
> it's driving me batty lol.

The way I do it is through NIS.  I'm running a NIS server, with  maps
for passwd, group and netgroup.  If I'm looking to only allow a limited
subset of users to a particular box, I change the local /etc/passwd to:

root:0:.....
+@scooby_login::::::
+::::::/bin/false

You have to make sure that you've got the following entry in
/etc/nsswitch.conf:

passwd: compat

If you want to deny access to a particular netgroup, do the following in
/etc/passwd:

root:0:....
- -@no_login:::::/bin/false
+::::::

That's the idea anyway.  For a better explanation, do `man passwd`. :)

- -- 
Graeme.
graeme+sig@mathie.cx

"Life's not fair," I reply. "But the root password helps." - BOFH
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)

iD8DBQE5HBz4PjGH3lNt65URAvZ+AKCYS1W2jg7XfyPTPU1MdAqHdpRngQCffTNQ
NXx9m8da4YJdbm8W+2PA8/0=
=1PYp
-----END PGP SIGNATURE-----

Reply to:

References:
- Limiting Access
  - From: Peter Good <psgood@petesinternet.net>

Prev by Date: gedit Crash: Segmentation fault
Next by Date: Re: gedit Crash: Segmentation fault
Previous by thread: Re: Limiting Access
Next by thread: RE: socket programming
Index(es):
- Date
- Thread