Wednesday, August 17, 2011

Restrict telnet login by user

As we know ssh and telnet can be used for remote login by user. It is very simple to disable telnet service so that no one can login via telnet. But what if we want some user to log in via telnet and others not. For example suppose it want to allow user vishesh to log in via telnet and other users completely not allowed login via telnet

pam_succeed_if pam module should be configured in /etc/pam.d/telnet file to achieve this. Put following entries in /etc/pam.d/telnet

auth required user=vishesh quiet

My advice is create a group by name telnet and add user to that group to allow telnet login, in this scenario put following line as 2nd line in /etc/pam.d/telnet

auth required quiet user in group telnet