restricting users that don't have a homedir

From: David Hirst (dhirst_at_mitre.org)
Date: 02/19/04

Next message: Rick Moen: "Re: Verifying the host fingerprint"

Previous message: John Tackman: "RE: Verifying the host fingerprint"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 19 Feb 2004 08:25:05 -0500
To: secureshell@securityfocus.com

Hello,
I currently have a centralized LDAP database that contains all my user
information. I'm using PAM/SSH to handle authentication (which works
fine) However, not all the users in the database have accounts on the
login machine. If a user does not have an account on the login machine
then they have no homedir and should not be able to login.

I've looked through the openssg src code and it seems that SSH will
abort the login process if HAVE_LOGIN_CAP is defined. However, on my
system, it is not because the login_cap.h (and login.h fwiw) files are
not present. What library do these header files belong to, how/where can
I get them? Is there another way to restrict access to the login machine
if a user doesn't have a homedir? Any pointers would be a great deal of
help!

Thanks in advance!
Dave Hirst

Next message: Rick Moen: "Re: Verifying the host fingerprint"

Previous message: John Tackman: "RE: Verifying the host fingerprint"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]