[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: allowing telnet for only a few users?

On Sun, Jun 23, 2002 at 09:28:32PM -0400, Joey Hess wrote:
> Eric G. Miller wrote:
> > On Fri, Jun 21, 2002 at 10:38:08PM -0400, Joey Hess wrote:
> > > Does anyone know how to set up telnetd so only a couple of users can use
> > > telnet to log in, and the rest must use some other, more secure method,
> > > such as ssh? I have a few secure guest accounts that I want to allow
> > > telnet for, while disabling it for everyone who can get to a shell.
> > 
> > Looks like pam_listfiles can do this...
> 
> That's exactly what I was looking for, but it seems that there is no way
> to make pam differentiate between login by telnet, and logins at the
> console, and other uses of /bin/login. Rats.

I haven't looked into it, but there are examples for ftpd.  So, does it
not work for telnetd?  That is, have a rule like:

telnetd   auth required pam_listfiles.so\
          onerr=fail item=user sense=allow file=/etc/telnetusers

Or is telnet not PAM aware outside of login??  I'm no PAM expert...

-- 
Eric G. Miller <egm2@jps.net>


-- 
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: