On Wed, Feb 15, 2006 at 03:37:30PM +0100, Anthony Assi wrote: > Hi, > > i need to restrict access to some nodes of the cluster to all users > except Root and me, > > i tried the following Pam_access method > > **in /etc/security/access.conf : > +:root myusername:ALL > -:ALL:ALL > > > in /etc/pam.d/sshd or /etc/pam.d/login: > account required pam_access.so > > and then did a: /etc/init.d/sshd reload I use access.conf, but not in as strict a way as above (typically, I want to allow most users, but only allow root from one or two hosts). However, I've never had issues with it working. You'll also probably want to add LOCAL to the host field of the allow rule so that cron will be able to su. Alternatively, until you can get access.conf working, you could use AllowUsers and AllowGroups in sshd_config: AllowUsers root myusername AllowGroups root mygroup -- Gabe Turner gabe@xxxxxxxxxxx UNIX Systems Administrator, University of Minnesota Supercomputing Institute for Digital Simulation and Advanced Computation www.msi.umn.edu -- Linux-cluster@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/linux-cluster
