Stephen Gran on 19 Aug 2005 16:24:25 -0000


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Terminal/shell login with no password


On Fri, Aug 19, 2005 at 11:48:24AM -0400, Eric said:
> When the users log on they are sent directly to the 
>    application menu (via .login script for csh).
> 
> Yes, they can interrupt the script (ctrl-c) but they 
>    don't know it and even if they did they don't know 
>    what to do with a shell prompt.
> 
> Most users connect via "hard line" - serial connected 
>    terminal.
> 
> The few remaining users connect via telnet from the 
>    internal network.
> 
> So, we're really talking about login not requiring 
> a password for _some_ user accounts.

So, for login and telnet, you add to /etc/pam.d/{login,telnet} (as first
line):

auth    sufficient      pam_listfile.so \
        file=/etc/nopasswordusers sense=allow onerr=fail item=user

This allows passwordless access to a pam using service, and allows you
to keep a password on the account for all other services.  I use this
for gdm on my desktop, as I find it tedious to type my password for a
service that is unreachable from the network.

Also, this allows you to use a different list of users for different
services if you like, giving you some granularity.

HTH,
-- 
 --------------------------------------------------------------------------
|  Stephen Gran                  | Spiritual leadership should remain      |
|  steve@lobefin.net             | spiritual leadership and the temporal   |
|  http://www.lobefin.net/~steve | power should not become too important   |
|  			         | in any church. - Eleanor Roosevelt      |
 --------------------------------------------------------------------------

Attachment: signature.asc
Description: Digital signature

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug