Re: limiting NIS access
Thank you every body. I over looked in reading nis.howto, my apology. I think I know how shoud I do with these Debian boxes, including ppc and old IPX/IPC sparc. Thank you Chanop -- ,-. | Chanop Silpa-Anan <[EMAIL PROTECTED]> | | Australian National University | | visit my web site (not yet finished)| | http://hilbert.anu.edu.au/~chanop/ | | FreeBSD PGP available upon request | `-'
Re: limiting NIS access
In article <[EMAIL PROTECTED]>, Chanop Silpa-Anan <[EMAIL PROTECTED]> wrote: >Is there a method in limiting NIS access. Now every user who has account on >Sun machine can log on to debian box with homedir=/ Don't put +::: in /etc/passwd, but list users individually: +miquels::: +chanop::: Now only `miquels' and `chanop' exist on the box. You can even do: +miquels::: +chanop::: +:*:: Now all users exist, but only `miquels' and `chanop' have a valid password and can log in. Read /usr/doc/nis/nis.debian.howto.gz for more info. Mike. -- ... somehow I have a feeling the hurting hasn't even begun yet -- Bill, "The Terrible Thunderlizards"
Re: limiting NIS access
On Wed, Sep 08, 1999 at 04:31:13AM +1000, Chanop Silpa-Anan wrote: > How could I limit an access to debian box to only some account. I still would > like to use NIS because of passsword maintenaince for user. > Is there a method in limiting NIS access. Now every user who has account on > Sun machine can log on to debian box with homedir=/ One approach is to create a netgroup containing those users that are allowed to log into the machine in question, and then making the NIS entries in /etc/passwd @netgroup:: +::/bin/false where netgroup is the name of the netgroup containing the authorised users and /bin/false is some shell which denies access (you might wish to make it something that prints a message explaining what's happening). When looking for a password entry, the system will take the first entry that is matched, so users in the netgroup will be able to log in as normal while everyone else will have their shell replaced by something that logs them out again. -- Mark Brown mailto:[EMAIL PROTECTED] (Trying to avoid grumpiness) http://www.tardis.ed.ac.uk/~broonie/ EUFShttp://www.eusa.ed.ac.uk/societies/filmsoc/ pgpFurbYRbp3z.pgp Description: PGP signature
Re: limiting NIS access
Read NIS-howto, for example you can create group and give them /bin/false as a login shell. On Wed, Sep 08, 1999 at 04:31:13AM +1000, Chanop Silpa-Anan wrote: > Hi, > > This is not Debian secific question. My system use NIS on all Sun machine. I > have a dew debian boxes running on the same network which use NIS from Sun > machine. > > How could I limit an access to debian box to only some account. I still would > like to use NIS because of passsword maintenaince for user. > > Is there a method in limiting NIS access. Now every user who has account on > Sun machine can log on to debian box with homedir=/ > > TIA > > Chanop > -- -- Marcin Kurc Indiana Institute of Technology System Administrator http://me.indtech.edu http://www.indtech.edu
limiting NIS access
Hi, This is not Debian secific question. My system use NIS on all Sun machine. I have a dew debian boxes running on the same network which use NIS from Sun machine. How could I limit an access to debian box to only some account. I still would like to use NIS because of passsword maintenaince for user. Is there a method in limiting NIS access. Now every user who has account on Sun machine can log on to debian box with homedir=/ TIA Chanop -- ,-. | Chanop Silpa-Anan <[EMAIL PROTECTED]> | | Australian National University | | visit my web site (not yet finished)| | http://hilbert.anu.edu.au/~chanop/ | | Debian GNU Hurd ICQ uin 11366301| `-'