On Sat, 30 Sep 2000, Dusty deBoer wrote:
> I have two user accounts set up on my home workstation (RH 6.1), say "guest" and
> "realuser". I want to set the guest account password to a simple password, so I
> can allow guests to use my workstation (X windows, other stuff) at the
> workstation. I want to keep telnet access open to "realuser" from the outside
> world, but I want to disable telnet access for "guest" since it will have an
> easy password. (In other words, only allow "guest" logins from the console.)
>
> Any ideas on how to do this? A bonus if you can tell me how to set this up for
> ssh also (disable ssh access for guest from the outside world).
There are a number of different ways to do this through PAM.
The easiest is probably to use pam_wheel and create a group for all the
people who are allowed to login via telnet (or ssh). You then just add the
line 'auth required /lib/security/pam_wheel.so group=remoteok'
to your telnet and ssh PAM files and only members of the 'remoteok' group
can use those services.
You could also use the pam_access or pam_listfile modules. I'm sure other
PAM modules could be used to achieve the desired goal. PAM is fun.
thornton
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
