[clug] Stopping them at the door

David Price david.price at anu.edu.au
Mon Feb 14 02:33:46 GMT 2005

Paul Wayper wrote:
> Well, really only me from external sites.  So I guess it's not too much 
> of a problem.

In that case, you might consider setting up access controls to only 
allow certain users from certain locations.  You can add the following 
line to /etc/pam.d/ssh to enable it.

account  required       pam_access.so

Then edit /etc/security/access.conf.  eg:


will allow the user "paul" to log in from anywhere, and everyone else to 
only login from local machines (those without a ".").

This is on Debian systems that I've done this, I assume it's much the 
same for other distributions.



More information about the linux mailing list