[nycbug-talk] host.allow capability in login.conf ignored?
Hans Zaunere
hans
Mon Oct 18 13:16:25 EDT 2004
> I set up a login class for the first time today, which looks like this
> in /etc/login.conf:
>
> student:\
> :filesize=4M:\
> :maxproc=3:\
> :host.allow=209.11.29.178,localhost:\
> :tc=default:
>
> Ran cap_mkdb and logged in as a student via ssh. I was limited to only
> 3 processes, which was good (this will be an scponly account). But I
> was able to log in from a host which was not in the host.allow list.
>
> Does ssh bypass this somehow? Or is host.allow ignored? I read TFM and
> it only said that idletime was unimplemented...
Yeah, it bypasses some stuff...
http://lists.freebsd.org/pipermail/freebsd-questions/2003-December/02887
8.html
http://www.openbsd.org/cgi-bin/man.cgi?query=sshd_config
See AllowUsers maybe and UseLogin
That said, I never was able to get it to work exactly right.
H
More information about the talk
mailing list