[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: allowing telnet for only a few users?

Joey Hess wrote:

Eric G. Miller wrote:
On Fri, Jun 21, 2002 at 10:38:08PM -0400, Joey Hess wrote:
Does anyone know how to set up telnetd so only a couple of users can use
telnet to log in, and the rest must use some other, more secure method,
such as ssh? I have a few secure guest accounts that I want to allow
telnet for, while disabling it for everyone who can get to a shell.
Looks like pam_listfiles can do this...

That's exactly what I was looking for, but it seems that there is no way
to make pam differentiate between login by telnet, and logins at the
console, and other uses of /bin/login. Rats.

How about using something like:

in.telnetd: ALL: checkscript

with "checkscript" being a script that checks "%c" for user@host, and if the check fails to match your user, the user is booted off.

Of course, this is with just a quick look at "man hosts_access", and with minimal understanding of the whole tcp wrappers stuff, so I may be suggesting apples based on an orange understanding.


To UNSUBSCRIBE, email to debian-user-request@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: