Date: Fri, 28 Nov 2003 21:25:41 +0000 From: Andy Gilligan <andy@glbx.net> To: freebsd-stable@freebsd.org Subject: Re: help with login.conf session limiting Message-ID: <20031128212541.GA60780@vega.glbx.net> In-Reply-To: <200311281013.25726.me@farid-hajji.de> References: <1069991237.2759.263.camel@jupiter.acf.aquezada.com> <200311281013.25726.me@farid-hajji.de>
index | next in thread | previous in thread | raw e-mail
On Fri, 28 Nov 2003 at 09:13, Farid Hajji wrote: > On Friday 28 November 2003 04:47 am, Julian C. Dunn wrote: > > I wonder if any of you have ever tried to restrict the # of simultaneous > > sessions on a FreeBSD box using login.conf. I'm trying to use the > > 'sessionlimit' but it appears to be doing diddly squat. The class in > > question is the following "subshell" one: > > login.conf is only used by login(1), not by sshd. > Try setting UseLogin in /etc/ssh/sshd_config > if you want sshd to use login, and therefore these > settings. Beware: this is NOT recommended. I've never had any problem using login.conf settings with sshd. Resource limits, environment, path, umask, etc.. all work without any trouble. UseLogin is disabled in my sshd_config, but I understand that openssh will use setusercontext(3) (and similar) on *BSD systems to enforce login.conf settings. In fairness however, I haven't tried setting 'sessionlimit' in login.conf - PAM would probably be a better option. -Andyhelp
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031128212541.GA60780>