This shows you the differences between two versions of the page.
Next revision | Previous revision | ||
linux:group_login_restriction [2018/05/19 00:42] clee231 created |
linux:group_login_restriction [2021/05/02 21:36] (current) |
||
---|---|---|---|
Line 8: | Line 8: | ||
- | ====== access.conf ====== | + | ===== access.conf ===== |
/etc/security/access.conf | /etc/security/access.conf | ||
Line 17: | Line 17: | ||
Keep in mind that this file is parsed from top to bottom, so the **ordering of your directives DO MATTER**! | Keep in mind that this file is parsed from top to bottom, so the **ordering of your directives DO MATTER**! | ||
- | ===== Giving access to a group ===== | + | ===== Giving access to a user/group ===== |
''+ : acmadmin : ALL'' | ''+ : acmadmin : ALL'' | ||
+ | ''+ : (adminGroup) : ALL'' | ||
In this example, we are giving access (''+'') to the username ''acmadmin'' on ''ALL'' access points | In this example, we are giving access (''+'') to the username ''acmadmin'' on ''ALL'' access points | ||
Line 32: | Line 33: | ||
- | <WRAP center round todo 60%> | + | <file|/etc/security/access.conf> |
- | Finish me! | + | +:root:ALL |
- | </WRAP> | + | +:acmadmin:ALL |
+ | +:(wheel):ALL | ||
+ | +:(AcmLanAdmins):ALL | ||
+ | -:ALL:ALL | ||
+ | </file> | ||
- | + | ====== pam ====== | |
- | ====== SSHD ====== | + | <code>auth required pam_access.so</code> |
- | + | add to /etc/pam.d/system-login | |
- | If your goal is to only restrict access via SSH, you can set the ''AllowGroups'' directive in ''/etc/ssh/sshd_config''. | + | |
- | + | ||
- | <WRAP center round todo 60%> | + | |
- | STUB | + | |
- | </WRAP> | + | |