From owner-freebsd-questions  Wed Jul 19 19:20: 8 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from wcug.wwu.edu (sloth.wcug.wwu.edu [140.160.164.200])
	by hub.freebsd.org (Postfix) with SMTP id 1CC1C37B983
	for <questions@freebsd.org>; Wed, 19 Jul 2000 19:20:00 -0700 (PDT)
	(envelope-from doc@wcug.wwu.edu)
Received: (qmail 11803 invoked by uid 1074); 20 Jul 2000 02:19:56 -0000
Date: Wed, 19 Jul 2000 19:19:56 -0700 (PDT)
From: David Daugherty <doc@wcug.wwu.edu>
X-Sender: doc@sloth
To: questions@freebsd.org
Subject: login.access
Message-ID: <Pine.LNX.3.96.1000719191536.11768A-100000@sloth>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

I'm trying to block all users with the exception of 2 from ssh'ing to my
system and gaining shell access. So, in the login.access I have:
+:root davidd:ALL
+:ALL:console
-:ALL:ALL

This is not working because I'm still able to ssh into the box with
usernames not listed above. Does anyone see anything wrong with the rules
above?

Of course root is already denied access through ssh. Just need to be able
to log in as root at the console.

David
Software Engineer - NetManage
Work email: david.daugherty@netmanage.com
Home email: doc@wcug.wwu.edu
ICQ 21106703
Washington State Resident




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message