Hi, At Christian's request, here is an example of how different authentication types can be accepted for console logins vs. telnet, with a single PAM config file (i.e., no need for patches here):
auth requisite pam_securetty.so
auth requisite pam_nologin.so
auth [success=ignore default=1] pam_listfile.so onerr=fail item=tty \
sense=allow file=/etc/securetty
auth sufficient pam_unix.so nullok_secure
auth requisite pam_opie.so
Needs to be tweaked if you have other modules in common that should be
stacked after pam_unix/pam_opie, but that follows the same principle as
above.
The syntax used here is documented in the Linux-PAM System Administrators'
Guide in the libpam-doc package.
Cheers,
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
[EMAIL PROTECTED] http://www.debian.org/
signature.asc
Description: Digital signature
