Re: Restrict user to only one active login

Benjamin White Wed, 18 May 2005 14:12:40 -0700

Thanks for the step by step solution, I knew PAM was the security module,
but never dug into it.

I will start digging.  Besides TLDP.org, any other good resources?

From: Leland Lucius <[EMAIL PROTECTED]>
Reply-To: Linux on 390 Port <[email protected]>
To: [email protected]
Subject: Re: Restrict user to only one active login
Date: Wed, 18 May 2005 15:53:58 -0500

Quoting Benjamin White <[EMAIL PROTECTED]>:

> How can a user be restricted to only one login at a time?
>

How's this look?

May 18 15:45:17 sosaatm sshd[1101]: Accepted publickey for sysadmin from
::ffff:10.11.2.55 port 1543 ssh2
May 18 15:45:33 sosaatm sshd[1123]: Accepted publickey for sysadmin from
::ffff:10.11.2.55 port 1544 ssh2
May 18 15:45:33 sosaatm pam_limits[1125]: Too many logins (max 1) for
sysadmin
May 18 15:45:33 sosaatm login[1125]: Permission denied

This is on SLES9.  What I had to do to set it up is verify that...

session  required       pam_limits.so

..was in /etc/pam.d/sshd.

Then I changed /etc/security/limits.conf to include:

sysadmin         hard    maxlogins       1

And finally I changed /etc/ssh/sshd_config to include:

UseLogin yes

Leland

----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or
visit
http://www.marist.edu/htbin/wlvindex?LINUX-390


----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit
http://www.marist.edu/htbin/wlvindex?LINUX-390

Re: Restrict user to only one active login

Reply via email to