| 1 |
>> Should I do that via an ssh config setting, in shorewall, or somewhere else? |
| 2 |
> |
| 3 |
> I believe the right way would be to add 'account required |
| 4 |
> pam_access.so' line to /etc/pam.d/system-auth and define login |
| 5 |
> restrictions in /etc/securety/access.conf (it's also quite well |
| 6 |
> documented). |
| 7 |
> |
| 8 |
> That way you'll block ssh/ftp/mail etc logins for that account, which |
| 9 |
> should also be prone to brutforce attacks because of weak password. |
| 10 |
> |
| 11 |
> The catch is, of course, that you should have pam on your system ;) |
| 12 |
> |
| 13 |
> -- |
| 14 |
> Mike Kazantsev // fraggod.net |
| 15 |
|
| 16 |
Can anyone tell me how to find out which users on a system have a |
| 17 |
login shell (e.g. not /bin/nologin)? |
| 18 |
|
| 19 |
- Grant |
Archives