Joey Hess wrote:
Eric G. Miller wrote:On Fri, Jun 21, 2002 at 10:38:08PM -0400, Joey Hess wrote:Does anyone know how to set up telnetd so only a couple of users can use telnet to log in, and the rest must use some other, more secure method, such as ssh? I have a few secure guest accounts that I want to allow telnet for, while disabling it for everyone who can get to a shell.Looks like pam_listfiles can do this...That's exactly what I was looking for, but it seems that there is no way to make pam differentiate between login by telnet, and logins at the console, and other uses of /bin/login. Rats.
How about using something like: in.telnetd: ALL: checkscriptwith "checkscript" being a script that checks "%c" for user@host, and if the check fails to match your user, the user is booted off.
Of course, this is with just a quick look at "man hosts_access", and with minimal understanding of the whole tcp wrappers stuff, so I may be suggesting apples based on an orange understanding.
Kent --To UNSUBSCRIBE, email to debian-user-request@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org