Date: Mon, 08 Aug 2005 00:32:37 +0200 From: Benjamin Lutz <benlutz@datacomm.ch> To: questions@freebsd.org Subject: Re: telnet/sshd limited by user? Message-ID: <42F68C05.1000404@datacomm.ch> In-Reply-To: <20050806221350.C2146@fw.skeleton.org> References: <20050806221350.C2146@fw.skeleton.org>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --] > > Is it possible to set things so that 'telnet' is allowed only to one > specific user, while everyone else needs sshd? ie: Obviously, nologin > can be used as a shell to not permit any logins (but makes 'su' break > too), but I'd like to allow telnet for one specific user only and keep > everyone else on sshd. Yes, by playing with PAM. You can change telnetd's PAM configuration (/etc/pam.d/telnetd) to include a group check: auth requisite pam_group.so no_warn group=telnetusers Then create a group "telnetusers", and make your telnet user a member of it. Haven't tested it myself, hope it works. Cheers Benjamin [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (Darwin) iD8DBQFC9owFgShs4qbRdeQRApapAJwNbWG8vH2Q2oUZ0L1CGLI2O4XesACfarjy NhuHJb2DJpmILuMHIsSj7Iw= =C4JQ -----END PGP SIGNATURE-----help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?42F68C05.1000404>