Date: Sun, 13 Feb 2005 09:55:20 +0100 From: Volker Kindermann <ml@ps102.de> To: Paul Sandys <myj@nyct.net> Cc: freebsd-isp@freebsd.org Subject: Re: PAM and login.conf + SSH and IMAP Message-ID: <420F15F8.5070102@ps102.de> In-Reply-To: <20050208000000.D64811@bsd3.nyct.net> References: <20050208000000.D64811@bsd3.nyct.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Paul, > I need to block ssh access to wheel only and at the same time allow IMAP access > to any user. > > When I put following in /etc/login.access, the ssh behaves the way I want: > +:wheel:ALL > -:ALL:ALL > > However, it also denies imap access. I'm trying different options in > /etc/pam.d/imap without any success. Is there a PAM module that would > authenticate using system password file and disregarded /etc/login.access ? > > Any suggestions ? why don't you use ssh's ability to restrict logins? Look for "Allowed groups" in man sshd_config If you allow the wheel group there, than no other user may login via ssh. -volker
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?420F15F8.5070102>