On Tue, Aug 04, 2020 at 09:47:24AM +0200, Marco Möller wrote: > Is it possible (how?) to restrict a user to only be allowed to make > use of its sudo usage permission if working at the physical console,
See pam_securetty(8) for that. Sorry I can't give you some step-by-step account. > not granting to this user sudo permission when i.e. logged in via > ssh? Now you have to decide: You want to *only allow root login on console* or to *disallow root login for ssh*? For the first, PAM is the right tool. The second should be default on most modern Linux distros (yell at them if it ain't ;-) and is governed by the sshd configuration, typically in /etc/ssh/sshd_config and documented in sshd_config(5). Cheers - t
signature.asc
Description: Digital signature
