On Sun, Mar 18, 2007 at 01:49:43PM +0800, Jay Jesus Amorin wrote:
> On 3/17/07, Joachim Schipper <[EMAIL PROTECTED]> wrote:
> >On Sat, Mar 17, 2007 at 12:46:29PM +0800, Jay Jesus Amorin wrote:
> >> On 3/17/07, Joachim Schipper <[EMAIL PROTECTED]> wrote:
> >> >On Fri, Mar 16, 2007 at 07:17:10PM +0800, Jay Jesus Amorin wrote:
> >> >> hi gurus,
> >> >>
> >> >> how will i configure sshd to allow only one username at a time.
> >> >>
> >> >> example:
> >> >>
> >> >> on pc1 ---- ssh [EMAIL PROTECTED]
> >> >> on pc2 ---- ssh [EMAIL PROTECTED]
> >> >>
> >> >> now what i like to happen is ssh on pc2 should be drop bec. the user
> >> >> root is already connected from pc1.
> >> >>
> >> >> is it possible with to configure sshd that way like ssh will already
> >> >> drop ssh root from pc2 bec. username root is already connected from
> >> >> pc1?
> >> >
> >> >I don't think that is a smart idea, and I am not aware of any way to
> >> >implement this particular requirement. You could probably write a daemon
> >> >or cron job that takes a look at the number of ptys in use by any single
> >> >account, and so on.
> >>
> >> thanks for the ideas
> >
> >Not to appear too nosy, but what do you *really* want to do? If you are
> >concerned about people leaving root sessions unattended, perhaps a
> >timeout would be a better way of achieving this? IIRC, there are some
> >programs that will lock a console when it's not used for X seconds.
> im using this set-up for pf/authpf authentication gateway, all i'm
> concern of is i dont want my user use other users account.
In that case, would a regular cron job plus a large stick not be far
more effective? It will also cause less confused helpdesk calls ('I
could log in yesterday, but today...').
Joachim
