Richard Freeman on 23 Oct 2009 12:56:58 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Locking down a Web browser on Ubuntu wrote:
> 	preventing remote (ssh, rlogin, rsh) logins as "kioskuser"

FYI - a good way to do this (I think) is:

auth		required onerr=fail item=user sense=allow 

Put that in the appropriate pam configuration files (often there is a 
generic one for all remote logins - probably depends on your distro). 
This method is a whitelist - I believe if you just change the sense you 
can turn it into a blacklist instead.

I am by no means a PAM expert and consider it one of the greater 
mysteries of my system, but not so great as trying to get kerberos to 
Philadelphia Linux Users Group         --
Announcements -
General Discussion  --