Differences

This shows you the differences between two versions of the page.

--- linux:group_login_restriction [2018/05/19 00:42]
clee231 created
+++ linux:group_login_restriction [2021/05/02 21:36]
@@ Line 1: / Line 1: @@
-====== Group Login Restriction ======
-====== What is it? ======
-When provisioning a machine (bare-metal or virtual) it may often be useful to only allow a certain group of users to access this machine.  Since all our linux systems have a unified userbase via AD, we are able to identify a group of users through regular group management.
-There are a few methods that we make use of achieve these restrictions.
-====== access.conf ======
-/etc/security/access.conf
-This is the Login access control table.  In this file, you can specify users and groups that are allowed access to the machine in question.
-The following examples assume are all done within ''access.conf''
-Keep in mind that this file is parsed from top to bottom, so the **ordering of your directives DO MATTER**!
-===== Giving access to a group =====
-''+ : acmadmin : ALL''
-In this example, we are giving access (''+'') to the username ''acmadmin'' on ''ALL'' access points
-===== Deny access to everyone else =====
-''- : ALL : ALL''
-This will disallow login by all users from all sources.  **This should generally be done as the very last directive in the file.**
-In this example, we are giving access (''+'') to the username ''acmadmin'' on ''ALL'' access points
-<WRAP center round todo 60%>
-Finish me!
-</WRAP>
-====== SSHD ======
-If your goal is to only restrict access via SSH, you can set the ''AllowGroups'' directive in ''/etc/ssh/sshd_config''.
-<WRAP center round todo 60%>
-STUB
-</WRAP>

UIC ACM

User Tools

Site Tools

Differences

Page Tools