Re: PAM

From: Kurt Seifried (bugtraq@seifried.org)
Date: 01/11/02 

From: "Kurt Seifried" <bugtraq@seifried.org>
To: <focus-linux@securityfocus.com>
Date: Fri, 11 Jan 2002 00:32:45 -0700

> Hi
>
> Can PAM be used to block user logons by IP address.

Yes.

> i.e. Can PAM be configured to allow user A to access the server from
> x.x.x.x while blocking user B from accessing the server from outside
> 10.10.0.x.

I do not know of a specific module to do this but listfile is a good place
to start. Simply pass the IP and modify the config so that instead of just
username it is username followed by IP's/networks.

> Thanks

Kurt Seifried, kurt@seifried.org
A15B BEE5 B391 B9AD B0EF
AEB0 AD63 0B4E AD56 E574
http://www.seifried.org/security/

Relevant Pages

  • Re: Authenticate a User.
    ... > getpwent/cryptin default config, and in conf he can change it over ... > to PAM if he likes. ... > the client is on different machine. ... > be send back the salt from the server to the client, ...
    (comp.os.linux.development.apps)
  • Re: Authenticate a User.
    ... It looks like PAM and getpwent/cryptgot the maximum votes, ... getpwent/cryptin default config, and in conf he can change it over ... the client is on different machine. ... be send back the salt from the server to the client, ...
    (comp.os.linux.development.apps)
  • PAM
    ... Can PAM be used to block user logons by IP address. ... i.e. Can PAM be configured to allow user A to access the server from ... x.x.x.x while blocking user B from accessing the server from outside ...
    (Focus-Linux)
  • Re: PAM
    ... > Can PAM be used to block user logons by IP address. ... > i.e. Can PAM be configured to allow user A to access the server from ... file where access restrictions must be put. ...
    (Focus-Linux)
  • Re: PAM
    ... > Can PAM be used to block user logons by IP address. ... > i.e. Can PAM be configured to allow user A to access the server from ... | has ever accomplished is but the dream before | ...
    (Focus-Linux)