I have been looking around for an answer to this for a few days. I have a cluster of machines and I want to limit who can login where without messing too much with config files on individual machines. I thought I could do something using netgroups, but I've had little luck. So far, the only thing that has worked is using "pam_check_host_attr yes" coupled with a list of hosts in the user's entry. I've tried creating a netgroup of hosts and referencing that in the host entry, but that didn't work. I'm trying to avoid having to list out over a hundred hosts in a user's LDAP entry.
Ideally, I would like to create groups of hosts and allow users access to those host groups. Is there some documentation about the host declaration that I'm missing? Sorry if this has been covered before, but I didn't see any area where I can search the archive. Thanks =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=++=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+= Christian Caruthers, System Administrator, SSAI NASA Langley Research Center Atmospheric Sciences Data Center Mail Stop 157D 2 South Wright St., Bldg. 1268C, Room 2303G Hampton, VA 23681-2199 [email protected] Phone: (757)864-7569 Mobile: (757)272-9583 http://eosweb.larc.nasa.gov Fax: (757)864-8807 +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+= "A common mistake that people make when trying to design something completely foolproof is to underestimate the ingenuity of complete fools." - Douglas Adams
