[login.conf]
> goal is to be able to restrict login times and duration.

1. First of all, /etc/login.conf doesn't apply for ssh logins.
   Only the login(1) program reads this. Not sshd or other
   daemons.

2. As far as I can remember, you _can_ restrict the time of
   day for logins by setting times.allow and times.deny
   Last time I checked (some 6 months or so ago), it worked.

3. AFAIK, you can't enforce the duration of the login.
   login.conf(5) says:

 Note that login(1) enforces only that the actual login falls within peri-
 ods allowed by these entries.  Further enforcement over the life of a
 session requires a separate daemon to monitor transitions from an allowed
 period to a non-allowed one.

4. To enforce time-of-day logins in a more general way
   (a.k.a for sshd, telnetd, ftpd, etc...), you need a
   PAM module. Which one or where, I don't know.

-- 
Cordula's Web. http://www.cordula.ws/

_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to