-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
I think following link may help you for user based restriction of SSH service through PAM modules. http://www.rhce2b.com/clublinux/RHCE-15.shtml No idea about user based restriction in telnet !!!, can it be possible ? ~ 1. In /etc/pam.d/sshd, add the following line: auth required /lib/security/pam_listfile.so onerr=fail item=user sense=allow file=/etc/sshd_users ~ The above will allow a user to login via sshd if they are listed in the /etc/sshd_users file. The options specified have the following meanings: ~ * onerr=fail - If an error occurs (file specified isn't found, or an improperly formatted entry is found in the file), fail this test. This will deny the user access via sshd. The other possible option for "onerr" is "succeed". ~ * item=user - This states that we are testing or verifying the user's login name. ~ * sense=allow - This means that if the user is found in the file specified, this test succeeds. This will allow the user access if all other PAM tests succeed as well. The other possible option for "sense" is "deny". ~ * file=/etc/sshd_users - This specifies the file that will contain the list of users (one per line) that are allowed to access sshd. Regards Ritesh S. K. Goel wrote: | Actually I want | | User X, Y and Z to be use telnet but not ssh. | while user A, B and C can be use ssh but not telnet | | | [S K Goel] | On Sat, 2005-04-23 at 02:41 -0700, Mithun Bhattacharya wrote: | | |>One reason I could think of is if you wish to allow some users to |>tunnel connections through ssh and not allow the others - in such a |>case telnet and ssh would provide similar features. |> |> |>Mithun |> |>--- Amit Goel <[EMAIL PROTECTED]> wrote: |> |>>S. K. Goel wrote: |>> |>> |>>>Hi List, |>>> |>>> |>>>I want to give telnet access to some specified users and ssh access |>> |>>to |>> |>>>some other users, Is there is any file like telnet.allow / |>> |>>ssh.allow, So |>> |>>>that I can defined the same user wise. |>>> |>>> |>> |>>TELNET !!!!! Please use only ssh. |> |>__________________________________________________ |>Do You Yahoo!? |>Tired of spam? Yahoo! Mail has the best spam protection around |>http://mail.yahoo.com |> |>_______________________________________________ |>ilugd mailinglist -- ilugd@lists.linux-delhi.org |>http://frodo.hserus.net/mailman/listinfo/ilugd |>Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/ | | _______________________________________________ | ilugd mailinglist -- ilugd@lists.linux-delhi.org | http://frodo.hserus.net/mailman/listinfo/ilugd | Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/ | - -- Regards Ritesh Agrawal Senior Engineer-Systems Net 4 India Ltd, B-4/47, Safdarjung Enclave, New Delhi- 110 029, India - --------------------------------------------------- There are 10 types of people in this world, those who understand binary and those who don't - --------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCajX3Foz+P95jnTIRAmPoAKDBJ5/bHrpqxUyCYl+hwKyo15jxTwCfU55z 6Vzueo+Yt4L65IrKKqQ6rbw= =JNME -----END PGP SIGNATURE----- _______________________________________________ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
