password inquiry with pam_access

Sonja Stumpf Thu, 27 Jun 2002 15:17:46 -0700

Dear RedHat-list,

I hope you can give me a hint :

We are working with the default RedHat-PAM installation :

redhat 7.3
pam_smb-1.1.6-2
pam_krb5-1.55-1
pam-0.75-32
pam-devel-0.75-32


and would like to disallow all Users except root and
a special netgroup of users to use the machines.

Therefor I'm using /etc/security/access.conf:

-:ALL EXCEPT root @admin:ALL

/etc/pam.d/rlogin :
#%PAM-1.0
# For root login to succeed here with pam_security, "rlogin" must be
# listed in /etc/securetty.
account   requsite     /lib/security/pam_access.so
auth       required     /lib/security/pam_nologin.so
auth       required     /lib/security/pam_securetty.so
auth       required     /lib/security/pam_env.so
auth       sufficient   /lib/security/pam_rhosts_auth.so
account    required     /lib/security/pam_stack.so service=system-auth
password   required     /lib/security/pam_stack.so service=system-auth
session    required     /lib/security/pam_stack.so service=system-auth

It's working but the rejected users will be asked for the password,
before
they are getting a "Connection closed".

By ssh <host> the users will be asked 3(!) times before they are getting 
a "Permission denied"

How can I avoid the password-inquiry ?


Thank you in advance

 Sonja Stumpf



_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
password inquiry with pam_access

Reply via email to
