Concurrent nologin access to ssh
Hello,
I need to have a linux account witch have access only to tcp forwarding (tunneling), no shell access and concurently just 1 login per account.
I tried to create accounts with nologin shell and set the limit of concurrent connections * hard maxlogins 1 in /etc/security/limits.conf . If i create a nologin account and check the "Don't start a shell or a command at all" in putty, the port forwarding works, the account don't have access to shell, but I can open more than one session. The problem is the condition in /etc/security/limits.conf works only if a shell opens. It doesn't works for nologin with "Don't start a shell or a command at all" checked in putty. So i tried to create a simple shell witch only says "welcome". The port forwarding works, i cannot login multiple times with an account and i don't have shell access, but if my clients checks the "Don't start a shell or a command at all" in putty they can login many times concurently and forward ports.Is there a way to force terminal open, so the "dont start.." option stop working? Or to make the port forwarding work only after shell starts?
I need a solution for the problem.
Please help
|