First you should enable pam_access.so:
- Unlink "/etc/pam.d/system-auth", which is a link to "/etc/pam.d/system-auth-ac".
- Create a new "/etc/pam.d/system-auth", includes all settings from "/etc/pam.d/system-auth-ac", like this:
 auth include system-auth-ac
 account include system-auth-ac
 password include system-auth-ac
 session include system-auth-ac
- Insert "pam_access.so":
 auth include system-auth-ac
 account required pam_access.so
 account include system-auth-ac
 password include system-auth-ac
 session include system-auth-ac
Now you can config pam_access.so by editing "/etc/security/access.conf", like this:
+ : player : LOCAL
- : player : ALL
For more info, read "man access.conf".
 
 

1 comment:
Short way:
In file
/etc/pam.d/ssh
Uncomment the line:
account required pam_access.so
In file
/etc/security/access.conf
Add the line:
-:abc:ALL EXCEPT LOCAL
Post a Comment