Date: Sun, 10 Apr 2005 10:24:41 +0200 From: Anthony Atkielski <atkielski.anthony@wanadoo.fr> To: freebsd-questions@freebsd.org Subject: Re: How can I log every login via telnet? Message-ID: <1878091587.20050410102441@wanadoo.fr> In-Reply-To: <16984.42254.480019.606112@szamoca.krvarr.bc.ca> References: <1492434941.20050407204225@wanadoo.fr> <16981.34396.918396.208453@szamoca.krvarr.bc.ca> <856341966.20050408053245@wanadoo.fr> <16984.42254.480019.606112@szamoca.krvarr.bc.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
Sandy Rutherford writes: > See login.access(5) and login.conf(5). Both provide this > functionality. I've tried this and I've obtained weird results. Supposedly login stops at the first match in the login.access file. So I used this: +:ALL:console +:ALL:LOCAL +:xxx yyy:ALL EXCEPT 216.134.77.112 161.13.67.41 -:ALL:ALL The idea is to prohibit any logins from anywhere except the LAN and console for all users except xxx and yyy (and even for those two logins are not accepted from two specific IP addresses). But as soon as I add the -:ALL:ALL at the end, logins are disallowed for everyone except xxx and yyy, even on the LAN, and even with ssh. I'm perplexed. -- Anthony
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1878091587.20050410102441>