Re: Locking out users by name for direct login. Allow SU - only
From: Eigenvector (m44_master_at_yahoo.com)
Date: 05/21/05
- Previous message: Robert Klute: "Re: Restricting ftp on a trusted system"
- In reply to: Ted Linnell: "Re: Locking out users by name for direct login. Allow SU - only"
- Next in thread: BB: "Re: Locking out users by name for direct login. Allow SU - only"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Fri, 20 May 2005 17:05:44 -0700
"Ted Linnell" <edlinnell@acslink.net.au> wrote in message
news:qnir81d5on1ba7p8gjska9qndk08c947kf@4ax.com...
> "Eigenvector" <m44_master@yahoo.com> wrote:
>
> >
> >"DM" <don.monk@genmills.com> wrote in message
> >news:WZ6je.20$Hj1.1093@news.uswest.net...
> >> Does anyone know a method to lockout non root users from direct access
> >> (telnet, ssh, remsh, etc.)? I would like to be able for certain non
> >> root users only allow then to be SU - to. It would be a kind of user
> >> equivalent to securetty for root.
> >>
> >> Any help is greatly appreciated.
> >>
> >> Thanks,
> >
> >Yeah, just lock the account - passwd -l <user>
> >
> >Locking the account shouldn't stop them from being switch user'ed into.
I
> >guess I haven't tried that directly, but I know it works for root su'ing
> >into daemon accounts.
> >> DM
> >>
> >
> But then only root can su to the account, any other user will require
> a password and find the account disabled.
>
> Ted.
Oh, you're right, I wasn't even thinking about that part. Duhhhh.
- Previous message: Robert Klute: "Re: Restricting ftp on a trusted system"
- In reply to: Ted Linnell: "Re: Locking out users by name for direct login. Allow SU - only"
- Next in thread: BB: "Re: Locking out users by name for direct login. Allow SU - only"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
