Selective blocking of password authentication
Frank Cusack
fcusack at fcusack.com
Wed Oct 30 10:18:36 EST 2002
On Tue, Oct 29, 2002 at 02:00:21AM -0800, David Grimes wrote:
> Thanks, that sounds like it might be do-able with PAM. The only problem
> is that some users would like to be able to physically log into the machines
> as well. I'm not sure if PAM would be able to differentiate between login
> and sshd. I'll look into this though...
That's absolutely doable with PAM, that's one of the things it's good at/for.
> Sorry I really should have mentioned that I'm also running
> Debian Linux (sid-2.4.19).
Then you should already have the pam_listfile.so module (or whatever it's
called) and not have to go through the hassle of finding/building it.
/fc
More information about the openssh-unix-dev
mailing list