Re: [gentoo-user] Disable remote login for certain user

On Sat, 17 Jan 2009 10:50:31 -0800 Grant wrote: > Can anyone tell me how to find out which users on a system have a > login shell (e.g. not /bin/nologin)? echo 'Unavailable user accounts:'; for usr in `cat /etc/passwd`; do usr=${usr%%:*}; exit | su "$usr" >/dev/null 2>&1 || echo -n "$usr "; don

Re: [gentoo-user] Disable remote login for certain user

On Samstag 17 Januar 2009, Grant wrote: > >> >> an ssh config setting, in shorewall, or somewhere else? > >> > > >> > You can: > >> > > >> > 1) use pam as described by Mike > >> > > >> > or > >> > > >> > 2) use sshd_config "AllowUsers" > >> > >> Thanks a lot, I went with 'AllowUsers root' in sshd_c

Re: [gentoo-user] Disable remote login for certain user

Grant wrote: > an ssh config setting, in shorewall, or somewhere else? > You can: 1) use pam as described by Mike or 2) use sshd_config "AllowUsers" >>> Thanks a lot, I went with 'AllowUsers root' in sshd_config since sshd >>> is t

Re: [gentoo-user] Disable remote login for certain user

>> >> an ssh config setting, in shorewall, or somewhere else? >> > >> > You can: >> > >> > 1) use pam as described by Mike >> > >> > or >> > >> > 2) use sshd_config "AllowUsers" >> >> Thanks a lot, I went with 'AllowUsers root' in sshd_config since sshd >> is the only service running on the system.

Re: [gentoo-user] Disable remote login for certain user

On Samstag 17 Januar 2009, Grant wrote: > >> an ssh config setting, in shorewall, or somewhere else? > > > > You can: > > > > 1) use pam as described by Mike > > > > or > > > > 2) use sshd_config "AllowUsers" > > Thanks a lot, I went with 'AllowUsers root' in sshd_config since sshd > is the only se

Re: [gentoo-user] Disable remote login for certain user

>> Should I do that via an ssh config setting, in shorewall, or somewhere else? > > I believe the right way would be to add 'account required > pam_access.so' line to /etc/pam.d/system-auth and define login > restrictions in /etc/securety/access.conf (it's also quite well > documented). > > That wa

Re: [gentoo-user] Disable remote login for certain user

>> an ssh config setting, in shorewall, or somewhere else? > > You can: > > 1) use pam as described by Mike > > or > > 2) use sshd_config "AllowUsers" Thanks a lot, I went with 'AllowUsers root' in sshd_config since sshd is the only service running on the system. - Grant > or > > 3) What I usua

Re: [gentoo-user] Disable remote login for certain user

On Saturday January 17 2009 03:28:07 Grant wrote: > an ssh config setting, in shorewall, or somewhere else? You can: 1) use pam as described by Mike or 2) use sshd_config "AllowUsers" or 3) What I usually do is, disable pam in ssh so only keys are accepted. Only if you have the key, you can

Re: [gentoo-user] Disable remote login for certain user

On Fri, 16 Jan 2009 21:28:07 -0800 Grant wrote: > Should I do that via an ssh config setting, in shorewall, or somewhere else? I believe the right way would be to add 'account required pam_access.so' line to /etc/pam.d/system-auth and define login restrictions in /etc/securety/access.conf (it's

[gentoo-user] Disable remote login for certain user

One of the users set up on my router is for whoever is sitting in front of the router and wants to log in. For that reason, the password needs to be simple and I'd like to prevent that user from being able to log in if they aren't in front of the system since the password is simple and should be e