LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 08-16-2002, 05:24 PM   #1
keevitaja
Member
 
Registered: Aug 2002
Location: Estonia
Distribution: XP PRO
Posts: 119

Rep: Reputation: 15
disable login over internet


is possible to diable login for one user over internet remotly.... so he could login only at the console?
 
Old 08-17-2002, 08:42 PM   #2
Thymox
Senior Member
 
Registered: Apr 2001
Location: Plymouth, England.
Distribution: Debian + Ubuntu
Posts: 4,358

Rep: Reputation: 57
Eh? What are you trying to do? Do you have one specific user that you don't want to access the machine by ssh, but still allow him/her access to the machine locally?
 
Old 08-19-2002, 04:23 PM   #3
keevitaja
Member
 
Registered: Aug 2002
Location: Estonia
Distribution: XP PRO
Posts: 119

Original Poster
Rep: Reputation: 15
yes, he could login at the console.
 
Old 08-19-2002, 04:43 PM   #4
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975
well HOW are they logging in over the internet?? some useful information really wouldn't go amiss... are they using.. ssh, telnet, telnet-ssl, ftp, smb...?

since thymox mentioned ssh, you can restrict ssh logins with a line like

denyusers that_user

in sshd_config, or maybe a broader restriction in /etc/security/access.conf:

-:that_user:ALL EXCEPT LOCAL
 
Old 08-20-2002, 04:31 AM   #5
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,358
Blog Entries: 55

Rep: Reputation: 3545Reputation: 3545Reputation: 3545Reputation: 3545Reputation: 3545Reputation: 3545Reputation: 3545Reputation: 3545Reputation: 3545Reputation: 3545Reputation: 3545
Also if your distro supports PAM and if your service does too have a look at this.
Look at the security enforcing rules in /etc/security and /etc/usertty.
Another way is a module called pam_listfile.so, for instance: add the line to the service you want to deny access for:
"auth required /lib/security/pam_listfile.so item=user sense=allow file=/etc/pam.d/users.deny onerr=fail" (w/o quotes). Now touch and chmod 0600 the /etc/pam.d/users.deny and add the name of the user to it.
 
Old 08-20-2002, 05:43 PM   #6
klickibunti
LQ Newbie
 
Registered: Aug 2002
Distribution: Red Hat Psyche
Posts: 18

Rep: Reputation: 0
the easies way is to comment the vc/1 - vc/x out in the file securetty (/etc)

sorry i can`t ensure that it will work, i never try it out...
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
how to disable *any* remote login? lmmix Linux - Security 3 03-07-2005 04:51 AM
disable user login ust Linux - General 2 04-01-2004 12:06 PM
disable login juno Linux - General 1 10-25-2002 05:50 AM
auto login ~ how to disable? thinguy10 Linux - General 3 02-04-2002 05:34 AM
How to disable XWindow Login sarmadys Linux - General 3 12-06-2001 09:33 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 01:49 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration