Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
04-12-2007, 03:35 AM
|
#1
|
Member
Registered: Jun 2006
Location: India
Distribution: RHEL,Suse,Fedora
Posts: 106
Rep:
|
Unable to restrict SSH sessions through PAM
OS: RHEL 3 kernel: 2.4.21-47.ELsmp
_______________________________
cat /etc/security/limits.conf
sunil hard maxlogins 1
-------------------------
cat /etc/pam.d/sshd
session required pam_limits.so
auth required pam_stack.so service=system-auth
auth required pam_nologin.so
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
session optional pam_console.so
_______________________________
tail /var/log/messages
Apr 12 13:51:39 estel sshd(pam_unix)[7735]: session opened for user sunil by (uid=0)
Apr 12 13:51:47 estel sshd(pam_unix)[7781]: session opened for user sunil by (uid=0)
Apr 12 13:51:58 estel pam_limits[7827]: Too many logins (max 1) for sunil
now the user sunil should not be able to ssh only once. However, here he is able to create two ssh sessions. What are the things I need to do.
PS: When I use "sunil hard maxlogins 0". It works perfectly fine.means no login ....
|
|
|
04-12-2007, 01:18 PM
|
#2
|
Member
Registered: Nov 2005
Location: Central New York
Distribution: Ubuntu
Posts: 405
Rep:
|
Check out this link to the Red Hat Knowledgebase. There is only one difference, so I'm not sure if this will help at all.
What version of OpenSSH are you running?
|
|
|
04-13-2007, 01:50 AM
|
#3
|
Member
Registered: Jun 2006
Location: India
Distribution: RHEL,Suse,Fedora
Posts: 106
Original Poster
Rep:
|
even putting an " - " in place of " hard" does not make any difference..
openssh version is openssh-3.6.1p2-33.30.9
Quote:
Originally Posted by cgjones
Check out this link to the Red Hat Knowledgebase. There is only one difference, so I'm not sure if this will help at all.
What version of OpenSSH are you running?
|
|
|
|
04-13-2007, 01:46 PM
|
#4
|
Member
Registered: Nov 2005
Location: Central New York
Distribution: Ubuntu
Posts: 405
Rep:
|
I asked about the version because while I was searching the Red Hat knowledgebase, I came upon the following FAQ.
http://kbase.redhat.com/faq/FAQ_45_3504.shtm
At the bottom, they say:
Quote:
Note: This problem has been fixed in version 3.8 of SSH which may be included in future releases of Red Hat Enterprise Linux.
|
I would assume that this is the problem you are running into.
|
|
|
All times are GMT -5. The time now is 04:43 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|