From owner-freebsd-security  Thu Jan 13 19:44:49 2000
Delivered-To: freebsd-security@freebsd.org
Received: from mail.wzrd.com (mail.wzrd.com [206.99.165.3])
	by hub.freebsd.org (Postfix) with ESMTP id 9FE6A14D4C
	for <freebsd-security@freebsd.org>; Thu, 13 Jan 2000 19:44:47 -0800 (PST)
	(envelope-from danh@wzrd.com)
Received: by mail.wzrd.com (Postfix, from userid 91)
	id 6B2CA5D01E; Thu, 13 Jan 2000 22:44:46 -0500 (EST)
Subject: Re: Disallow remote login by regular user.
In-Reply-To: <Pine.LNX.4.10.10001141203280.3124-100000@zipperii.zip.com.au> from Nicholas Brawn at "Jan 14, 2000 12: 6:36 pm"
To: ncb@zip.com.au (Nicholas Brawn)
Date: Thu, 13 Jan 2000 22:44:46 -0500 (EST)
Cc: freebsd-security@freebsd.org
X-Mailer: ELM [version 2.4ME+ PL43 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Content-Length: 491       
Message-Id: <20000114034446.6B2CA5D01E@mail.wzrd.com>
From: danh@wzrd.com (Dan Harnett)
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Hello,

You could also set this particular user's shell to /sbin/nologin and make the
others use the -m option to su.

Dan Harnett

> Hi folks. I'm trying to ocnfigure my system so that I can disallow a
> particular user account from being able to login remotely, and forcing
> users to su to the account instead. How may I configure this?
> 
> PS. Users may be using anything from telnet to ssh to login to the system,
> so I need something that works across the board.
> 
> Cheers,
> Nick


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message