From owner-freebsd-questions Mon Apr 24 10:11: 2 2000 Delivered-To: freebsd-questions@freebsd.org Received: from dns.comrax.com (dns.comrax.com [194.90.246.124]) by hub.freebsd.org (Postfix) with ESMTP id F2C0E37BB8E for ; Mon, 24 Apr 2000 10:10:57 -0700 (PDT) (envelope-from noor@comrax.com) Received: from noor (unknown [156.27.243.27]) by dns.comrax.com (Postfix) with SMTP id F3E061C99B for ; Mon, 24 Apr 2000 20:10:41 +0300 (IDT) From: "Noor Dawod" To: Subject: login.conf and ssh Date: Mon, 24 Apr 2000 20:11:07 +0200 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6700 Importance: Normal Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hello all, I have a 4.0-STABLE system and I allow clients to connect via ssh only. I use ssh -i to launch ssh from /etc/inetd.conf. Although I've set a class in /etc/login.conf to allow logins only at specific times, and assigned a user to this class, then tried to logon to this user at a restricted time, it did login. My conclusion is either: 1. ssh do not care about login.conf, which in turn allows me to login at a restricted time. 2. ssh is aware about login.conf, but I did a mistake. So, here's the class I've built in login.conf: standard:\ :copyright=/etc/COPYRIGHT:\ :welcome=/etc/motd:\ :setenv=MAIL=/var/mail/$,BLOCKSIZE=K,EDITOR=/usr/bin/vi,FTP_PASSIVE_MODE=YES :\ :path=/usr/local/bin /usr/local/sbin /usr/local/libexec /usr/local/samba/bin /bin /usr/bin :manpath=/usr/share/man /usr/local/man:\ :nologin=/etc/nologin:\ :cputime=unlimited:\ :datasize=10M:\ :stacksize=3M:\ :memorylocked=5M:\ :memoryuse=10M:\ :filesize=unlimited:\ :coredumpsize=unlimited:\ :openfiles=32:\ :maxproc=16:\ :requirehome:\ :priority=0:\ :ignoretime@:\ :umask=022: :times.allow=SuMoTuWeTh0900-2200,Fr0900-1800: The last line lists the allowed times. If I login, say at Friday 19:00pm, the system should not allow it, but it does. What am I doing wrong, and is ssh aware of login.conf? (it is a system setting, is it not?) Thank you in advance. Noor To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message