Pam access.conf and host access
From: Shane Hickey (shane@howsyournetwork.com)Date: 02/19/02
- Previous message: Jeff Hedgpeth: "Re: RPM aware rootkits?"
- Next in thread: Shane Hickey: "Re: Pam access.conf and host access"
- Reply: Shane Hickey: "Re: Pam access.conf and host access"
- Reply: Ajai Khattri: "Re: Pam access.conf and host access"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Shane Hickey <shane@howsyournetwork.com> To: focus-linux@securityfocus.com Date: 19 Feb 2002 10:22:59 -0700
Hmm.. I'm seeing something weird with the pam-0.75-19 RedHat rpm. I'm
restricting ssh access to a box using the following for my
/etc/security/access.conf
-:ALL:ALL EXCEPT LOCAL 10.10.0.1
When I try to ssh in from that IP, I get the following in the logs.
Feb 19 10:04:11 test1 sshd[1774]: PAM rejected by account
configuration[6]: Permission denied
Feb 19 10:04:11 test1 sshd[1774]: Failed password for ROOT from
10.10.0.1 port 34741 ssh2
However, if I change my access.conf to look like this..
-ALL:ALL EXCEPT LOCAL 10.10.0.
I can log in fine. It's almost like there is a weird bug or something
that is failing to match a single complete IP in access.conf?
Has anyone else seen this, or am I crazy (or doing something wrong)?
Thanks,
Shane Hickey
- Previous message: Jeff Hedgpeth: "Re: RPM aware rootkits?"
- Next in thread: Shane Hickey: "Re: Pam access.conf and host access"
- Reply: Shane Hickey: "Re: Pam access.conf and host access"
- Reply: Ajai Khattri: "Re: Pam access.conf and host access"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
