On Fri, Mar 24, 2000 at 12:11:59PM -0800, Percival wrote: > I run a domain and host websites for myself and some friends. I am trying to > learn all about linux/system administration/security and I want to run a > responsible host as I have 24/7 Internet through a DSL. I try to run a > secure box. > > I want to have easy freedom in limiting user access. I have killed telnetd, > and only sshd. I want to allow some users access through ssh, some through > ftpd, and some through samba. How can I turn off user access through ssh, > but keep their account, and allow them access through ftp? Can I allow users > access to shares through samba, and allow them to ftp in, but not ssh or > telnet? > > Basically, I want the default for each service to be no access, and then add > users to services indepently - each service allowing access on it own. > > Does this make sense? Is there an authentication package out there to deal > with this?
You'll want to look at pam_listfile.so. Since each of the services you talked about supports PAM, you can use that to configure access. The docs for this are in the libpam-doc. Ben -- -----------=======-=-======-=========-----------=====------------=-=------ / Ben Collins -- ...on that fantastic voyage... -- Debian GNU/Linux \ ` [EMAIL PROTECTED] -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] ' `---=========------=======-------------=-=-----=-===-======-------=--=---'
