Assuming that your telnet server supports pam and that it's correctly configured, you probably want your config file to look something like: auth required pam_listfile.so item=user sense=deny file=/etc/ssh/ssh_denied_users onerr=succeed # stack to go through regular auth mechanism, whatever it is... auth required pam_stack.so service=system-auth auth required pam_nologin.so account required pam_stack.so service=system-auth password required pam_stack.so service=system-auth session required pam_stack.so service=system-auth session required pam_limits.so session optional pam_console.so But, given that it's not linked to pam in any way, it doesn't sound like your telnet server supports it. Maybe that helps.... --Kaleb On Thursday 07 July 2005 2:39 pm, harald.schwier@xxxxxxxxxx wrote: > Thanks for your reply. > > > > i want to restrict the login via telnet to an user account. All users > > > should be able to login via sshd, but only one user via in.telnetd. Is > > > it possible to configure this with pam? > > > > You probably want pam_listfile. > > I have just read about pam_listfile and it sounds very promissing. > I have created a file /etc/pam.d/telnet with the line: > account required /lib/security/pam_listfile.so file=/etc/telnet.acl > item=user sense=allow onerr=fail and a file /etc/telnet.acl with the name > og the user who should be allowed to use telnet. > > But it doesen't work :-( > > Is it the wrong configuration file? Or ist the configuration wrong? > Or is Fedoras in.telnetd not using pam? > ldd /usr/sbin/in.telnetd dosen't say anything about being linkt > to pam. > Any more ideas? > Thanks in advanced, > Harald > > > > . > > > > . > > > . > > . > > > > > > > > > > _______________________________________________ > > Pam-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/pam-list _______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
