now, HP can be very annoying when your coming off of a solaris box. anyway, i needed to change a password for a user who was on an HP machine. Changing the password was no problem but getting the user to log on with the new password was the problem.
the user kept getting "account disabled"... (1 Reply)
What do I need to do to be able to connect to an IRC server from work?
At work I'm behind a firewall that blocks all IRC connections on standard ports.
I read that I could use a shell account and set something up (which I am searching what) that I could use to connect to and tunnel my... (4 Replies)
I am writing a script which will execute commands on remote host only if they have a passwordless ssh setup. How do i check for that in my script (5 Replies)
Is it possible to SSH with an account that has its shell set to /sbin/nologin?
The reason I ask is because I am running an instance of nagios where I need to use SSH keys to run a check, but I am getting connect errors in Nagios. Also, what is the risk I run into if I just simply change my... (2 Replies)
Hello experts,
Is it possible to have an user account on RHEL 6.3 as a su-only account, but with ssh capability and no interactive login? Let me elaborate.
Say, we have a cluster of 5 RHEL 6.3 servers and an user account (strmadmin) on each of the server as an su-only... (1 Reply)
This is a warning because we just went through searching for the error for some weeks.
In many cases the managed systems (respectively their service processors) reside on their own network, together with the HMC(s) managing them. In this setup usually the HMC acts as DHCP server for the service... (0 Replies)
Environment: CentOS 7
I would like to have a solution where a service account can access a server in only these ways:
ssh non-interactively via password or ssh key; that is, run commands or scripts (but running anything in /etc/shells will not be allowed)
not ssh interactively
regular... (2 Replies)
Discussion started by: bgstack15
2 Replies
LEARN ABOUT CENTOS
pam_deny
PAM_DENY(8) Linux-PAM Manual PAM_DENY(8)NAME
pam_deny - The locking-out PAM module
SYNOPSIS
pam_deny.so
DESCRIPTION
This module can be used to deny access. It always indicates a failure to the application through the PAM framework. It might be suitable
for using for default (the OTHER) entries.
OPTIONS
This module does not recognise any options.
MODULE TYPES PROVIDED
All module types (account, auth, password and session) are provided.
RETURN VALUES
PAM_AUTH_ERR
This is returned by the account and auth services.
PAM_CRED_ERR
This is returned by the setcred function.
PAM_AUTHTOK_ERR
This is returned by the password service.
PAM_SESSION_ERR
This is returned by the session service.
EXAMPLES
#%PAM-1.0
#
# If we don't have config entries for a service, the
# OTHER entries are used. To be secure, warn and deny
# access to everything.
other auth required pam_warn.so
other auth required pam_deny.so
other account required pam_warn.so
other account required pam_deny.so
other password required pam_warn.so
other password required pam_deny.so
other session required pam_warn.so
other session required pam_deny.so
SEE ALSO pam.conf(5), pam.d(5), pam(8)AUTHOR
pam_deny was written by Andrew G. Morgan <morgan@kernel.org>
Linux-PAM Manual 09/19/2013 PAM_DENY(8)