Re: Pam access.conf and host access

From: Ajai Khattri (ajai@bitblit.net)
Date: 02/20/02


Date: Tue, 19 Feb 2002 19:28:07 -0500 (EST)
From: "Ajai Khattri" <ajai@bitblit.net>
To: <focus-linux@securityfocus.com>


> Hmm.. I'm seeing something weird with the pam-0.75-19 RedHat rpm. I'm
> restricting ssh access to a box using the following for my
> /etc/security/access.conf
>
> -:ALL:ALL EXCEPT LOCAL 10.10.0.1
>
> When I try to ssh in from that IP, I get the following in the logs.
>
> Feb 19 10:04:11 test1 sshd[1774]: PAM rejected by account
> configuration[6]: Permission denied
> Feb 19 10:04:11 test1 sshd[1774]: Failed password for ROOT from
> 10.10.0.1 port 34741 ssh2
>
> However, if I change my access.conf to look like this..
>
> -ALL:ALL EXCEPT LOCAL 10.10.0.
>
> I can log in fine. It's almost like there is a weird bug or something
> that is failing to match a single complete IP in access.conf?

Don't you have to have a period at the end of the IP address (as it says in
the comments in access.conf)?



