> > Is it possible to set things so that 'telnet' is allowed only to one > specific user, while everyone else needs sshd? ie: Obviously, nologin > can be used as a shell to not permit any logins (but makes 'su' break > too), but I'd like to allow telnet for one specific user only and keep > everyone else on sshd.
Yes, by playing with PAM. You can change telnetd's PAM configuration (/etc/pam.d/telnetd) to include a group check: auth requisite pam_group.so no_warn group=telnetusers Then create a group "telnetusers", and make your telnet user a member of it. Haven't tested it myself, hope it works. Cheers Benjamin
signature.asc
Description: OpenPGP digital signature