Re: PAM

From: Kurt Seifried (bugtraq@seifried.org)
Date: 01/11/02


From: "Kurt Seifried" <bugtraq@seifried.org>
To: <focus-linux@securityfocus.com>
Date: Fri, 11 Jan 2002 00:32:45 -0700


> Hi
>
> Can PAM be used to block user logons by IP address.

Yes.

> i.e. Can PAM be configured to allow user A to access the server from
> x.x.x.x while blocking user B from accessing the server from outside
> 10.10.0.x.

I do not know of a specific module to do this but listfile is a good place
to start. Simply pass the IP and modify the config so that instead of just
username it is username followed by IP's/networks.

> Thanks

Kurt Seifried, kurt@seifried.org
A15B BEE5 B391 B9AD B0EF
AEB0 AD63 0B4E AD56 E574
http://www.seifried.org/security/



Relevant Pages