Re: allowing telnet for only a few users?
Joey Hess wrote:
Eric G. Miller wrote:
On Fri, Jun 21, 2002 at 10:38:08PM -0400, Joey Hess wrote:
Does anyone know how to set up telnetd so only a couple of users can use
telnet to log in, and the rest must use some other, more secure method,
such as ssh? I have a few secure guest accounts that I want to allow
telnet for, while disabling it for everyone who can get to a shell.
Looks like pam_listfiles can do this...
That's exactly what I was looking for, but it seems that there is no way
to make pam differentiate between login by telnet, and logins at the
console, and other uses of /bin/login. Rats.
How about using something like:
in.telnetd: ALL: checkscript
with "checkscript" being a script that checks "%c" for user@host, and if
the check fails to match your user, the user is booted off.
Of course, this is with just a quick look at "man hosts_access", and
with minimal understanding of the whole tcp wrappers stuff, so I may be
suggesting apples based on an orange understanding.
To UNSUBSCRIBE, email to firstname.lastname@example.org
with a subject of "unsubscribe". Trouble? Contact email@example.com