[Watford] SSH Questions
Steven Acreman
sacreman at gmail.com
Wed Sep 17 06:49:54 UTC 2008
Is there some way in which a GPS device could be used to achieve this?
2008/9/17 Alain Williams <addw at phcomp.co.uk>
> On Tue, Sep 16, 2008 at 09:54:04PM +0100, Magnus Kelly wrote:
>
> > Then is it not possible to control which account the ssh key opens and
> > then force the user to su post login to a password protected account
> > that does not allow direct login - hence without the key you can't try
> > and login to the correct account that has the rights to perform the
> > legit remote process.
>
> You could look at PAM. Put something appropriate into /etc/pam.d/sshd
> to limit what accounts someone can ssh in to. The user would then
> have to 'su' to get further.
>
> In /etc/ssh/sshd_config you can also control which accounts can be logged
> in to.
>
> PAM is prob more flexible ATM, although there is some work to make sshd
> do some of this itself.
>
> --
> Alain Williams
> Linux Consultant - Mail systems, Web sites, Networking, Programmer, IT
> Lecturer.
> +44 (0) 787 668 0256 http://www.phcomp.co.uk/
> Parliament Hill Computers Ltd. Registration Information:
> http://www.phcomp.co.uk/contact.php
> Chairman of UKUUG: http://www.ukuug.org/
> #include <std_disclaimer.h>
>
> _______________________________________________
> Watford mailing list
> Watford at mailman.lug.org.uk
> https://mailman.lug.org.uk/mailman/listinfo/watford
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.lug.org.uk/pipermail/watford/attachments/20080917/9dbb692f/attachment.htm
More information about the Watford
mailing list