From owner-freebsd-security  Thu Jan 13 17:41: 0 2000
Delivered-To: freebsd-security@freebsd.org
Received: from pau-amma.whistle.com (pau-amma.whistle.com [207.76.205.64])
	by hub.freebsd.org (Postfix) with ESMTP id 330B614E9A
	for <freebsd-security@FreeBSD.ORG>; Thu, 13 Jan 2000 17:40:58 -0800 (PST)
	(envelope-from dhw@whistle.com)
Received: (from dhw@localhost)
	by pau-amma.whistle.com (8.9.2/8.9.2) id RAA49056;
	Thu, 13 Jan 2000 17:40:56 -0800 (PST)
Date: Thu, 13 Jan 2000 17:40:56 -0800 (PST)
From: David Wolfskill <dhw@whistle.com>
Message-Id: <200001140140.RAA49056@pau-amma.whistle.com>
To: freebsd-security@FreeBSD.ORG, ncb@zip.com.au
Subject: Re: Disallow remote login by regular user.
In-Reply-To: <Pine.LNX.4.10.10001141203280.3124-100000@zipperii.zip.com.au>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

>Date: Fri, 14 Jan 2000 12:06:36 +1100 (EST)
>From: Nicholas Brawn <ncb@zip.com.au>

>Hi folks. I'm trying to ocnfigure my system so that I can disallow a
>particular user account from being able to login remotely, and forcing
>users to su to the account instead. How may I configure this?

>PS. Users may be using anything from telnet to ssh to login to the system,
>so I need something that works across the board.

I find that using '*' as the encrypted password appears to do the job
for me.

Cheers,
david
-- 
David Wolfskill		dhw@whistle.com		UNIX System Administrator
voice: (650) 577-7158	pager: (888) 347-0197	FAX: (650) 372-5915


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message