Re: Limiting Access
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
Peter Good <psgood@petesinternet.net> writes:
> I dunno, I'll look into NIS, but originally I thought Pam would handle
> it.
There is a PAM module that implements what you're looking for. I played
around with it for a while, back when I was using RedHat. It worked
fine for console logins, but never worked for ssh. I didn't ever figure
out why - I just switched to using NIS, since I was using NIS anyway.
For FTP, you can play around with its own configuration[1]. In
/etc/wu-ftpd/ftpaccess, you can specify which groups are specifically
allowed and denied with the 'allow-gid' and 'deny-gid' directives. Have
a look at `man ftpaccess` for more detailed information.
If you're offering SSH access as an alternative to telnet[2], then you
can achieve a similar thing with the 'AllowGroups' and 'DenyGroups'
directives. Have a look at `man sshd` for more detailed information.
Perhaps you can come across a more fully-featured telnet daemon which
will offer the same level of restrictions.
[1] I'm thinking about wu-ftpd in particular, but I'm sure others have
similar features.
[2] Highly recommended.
- --
Graeme.
graeme+sig@mathie.cx
"Life's not fair," I reply. "But the root password helps." - BOFH
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
iD8DBQE5HVTaPjGH3lNt65URAncPAKDHUUOoGEl8jyIgY8h1n7a+Ixz5DACgtZx/
qJmCTCd/c+67yGWN/bDPyKY=
=90Jo
-----END PGP SIGNATURE-----
Reply to: