[clug] Stopping them at the door
David Price
david.price at anu.edu.au
Mon Feb 14 02:33:46 GMT 2005
Paul Wayper wrote:
> Well, really only me from external sites. So I guess it's not too much
> of a problem.
In that case, you might consider setting up access controls to only
allow certain users from certain locations. You can add the following
line to /etc/pam.d/ssh to enable it.
account required pam_access.so
Then edit /etc/security/access.conf. eg:
+:paul:ALL
+:ALL:LOCAL
-:ALL:ALL
will allow the user "paul" to log in from anywhere, and everyone else to
only login from local machines (those without a ".").
This is on Debian systems that I've done this, I assume it's much the
same for other distributions.
David
--
http://dmprice.com/
More information about the linux
mailing list