> I've been using login.access for a long while, it hasnt occured to > me until now that sshd isnt taking that file into account. No users > (except me) can log in to my system with telnet and they shouldnt > with sshd.
login.access is only used by login(1), not by sshd. This is also the reason why time-limited logins and other nice configurable features are not possible to enforce with ssh. They are login(1)-specific. > Is there a workaround for this? Wouldnt it be considered a serious > bug that sshd doesnt parse this file? You could enable UseLogin in /etc/ssh/sshd_config but this is NOT recommended! See sshd_config(5). If sshd were fully PAMified, you could try to plug in some pam modules to enforce access policy. You'll have to test your setup thoroughly. I've tried this with a custom time class PAM module only to discover that sshd doesn't really interact all that well with such modules. Beware, and test. > Best Regards > Jonas Trollvik -- Cordula's Web. http://www.cordula.ws/ _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
