From owner-freebsd-security Sat Jan 15 14:24:39 2000 Delivered-To: freebsd-security@freebsd.org Received: from cc942873-a.ewndsr1.nj.home.com (cc942873-a.ewndsr1.nj.home.com [24.2.89.207]) by hub.freebsd.org (Postfix) with ESMTP id 1379415130 for ; Sat, 15 Jan 2000 14:24:37 -0800 (PST) (envelope-from cjc@cc942873-a.ewndsr1.nj.home.com) Received: (from cjc@localhost) by cc942873-a.ewndsr1.nj.home.com (8.9.3/8.9.3) id RAA52977; Sat, 15 Jan 2000 17:29:11 -0500 (EST) (envelope-from cjc) From: "Crist J. Clark" Message-Id: <200001152229.RAA52977@cc942873-a.ewndsr1.nj.home.com> Subject: Re: Disallow remote login by regular user. In-Reply-To: <200001140140.RAA49056@pau-amma.whistle.com> from David Wolfskill at "Jan 13, 2000 05:40:56 pm" To: dhw@whistle.com (David Wolfskill) Date: Sat, 15 Jan 2000 17:29:11 -0500 (EST) Cc: freebsd-security@FreeBSD.ORG, ncb@zip.com.au Reply-To: cjclark@home.com X-Mailer: ELM [version 2.4ME+ PL54 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org David Wolfskill wrote, > >Date: Fri, 14 Jan 2000 12:06:36 +1100 (EST) > >From: Nicholas Brawn > > >Hi folks. I'm trying to ocnfigure my system so that I can disallow a > >particular user account from being able to login remotely, and forcing > >users to su to the account instead. How may I configure this? > > >PS. Users may be using anything from telnet to ssh to login to the system, > >so I need something that works across the board. > > I find that using '*' as the encrypted password appears to do the job > for me. But without a password, how does a non-root user then 'su' to these other accounts? -- Crist J. Clark cjclark@home.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message