Restricting Interactive Logins to server

tealey@sgi.com · 07-10-2006, 04:59 PM

Hi,

I would like to restrict normal users from any interactive logins to a server but since this is also a mail server I need to enable the users the ability to run services such as imap/pop. I would also like to "spit" out a message to the user if they attempt to login, informing them that the server does not allow logins. Any help would be appreciated. Thanks!!

vls · 07-10-2006, 05:20 PM

/etc/login.access
I wouldn't bother with a message.

theNbomr · 07-10-2006, 06:34 PM

You can create a simple script like this.

Code:

#! /bin/bash -
echo "*********************************************************************"
echo "*                                                                   *"
echo "*                   Logins denied on this host                      *"
echo "*                                                                   *"
echo "*********************************************************************"
sleep 5
exit

Call it something like /usr/local/bin/nulLogin and make that the default shell for the users you want locked out, by entering it in /etc/passwd for each appropriate user.

eg:

Code:

test01:x:3456:3456::/home/test01:/usr/local/bin/nulLogin

--- rod.

tealey@sgi.com · 07-11-2006, 08:47 AM

Thanks for the suggestions so far but as for the bash suggestion ... I am in a NIS environment and users do access other systems interactively so I can not change their default shell. Also the server in question is running SuSe Enterprise Server 9.