[svlug] Excluding usernames from ssh logins

Scott Hess Scott.Hess at gmail.com
Mon May 17 11:10:45 PDT 2004

Previous message: [svlug] Excluding usernames from ssh logins
Next message: [svlug] Excluding usernames from ssh logins
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 17 May 2004 10:58:10 -0700, Scott Hess <scott.hess at gmail.com> wrote:
> On Mon, 17 May 2004 10:49:03 -0700, wwsprague at ucdavis.edu <wwsprague at ucdavis.edu> wrote:
> > Does anyone know how to prevent an arbitrary user from logging in via
> > ssh?  I would like something like "NoRootLogin", except able to specify
> >   a specific non-root username.
> >
> > Context--secure ftp server with a username "ftp".  If you can login via
> > another account on the machine, I assume you can su to "ftp"; otherwise,
> > I don't want you to be able to login to a shell as "ftp".
> 
> You could try just disabling login for "ftp" entirely.  That should impact su.
> 
> [To disable login, put a "*" in the password field of /etc/passwd.
> Additionally perhaps put "/bin/false" in the shell field.  Or maybe I
> have those backwards.]

Additionally, read the login(1) man page.  Looks like /etc/usertty
could be used for this, also.

-scott

Previous message: [svlug] Excluding usernames from ssh logins
Next message: [svlug] Excluding usernames from ssh logins
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the svlug mailing list