|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
FW: Opieaccess file, is this normal?
From: Didier Wiroth (didier.wiroth
mcesr.etat.lu)
Date: Thu Jun 24 2004 - 02:37:39 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hmm,
I thought using .opiealways would be the solution see:
http://www.onlamp.com/pub/a/bsd/2003/02/20/FreeBSD_Basics.html
Or
http://people.freebsd.org/~des/diary/2002.html
But I can still login with the standard password even if the opieaccess file
is empty.
-----Original Message-----
From: owner-freebsd-securityfreebsd.org
[mailto:owner-freebsd-securityfreebsd.org] On Behalf Of Didier Wiroth
Sent: Thursday, June 24, 2004 09:06
To: freebsd-securityfreebsd.org
Subject: RE: Opieaccess file, is this normal?
Hi,
Here is the content of /etc/pamd/ssh, it's actually the default, I didn't
change it.
auth required pam_nologin.so no_warn
auth sufficient pam_opie.so no_warn
no_fake_prompts
auth requisite pam_opieaccess.so no_warn allow_local
auth required pam_unix.so no_warn
try_first_pass
account required pam_unix.so
session required pam_permit.so
password required pam_unix.so no_warn
try_first_pass
Î just want to point out the I want to keep "unix password authentication"
for the users whose host or network are in opieaccess. "Unix password
authenication" should be disabled for all users present in opiekeys and
whose hosts or network is not present in opieaccess.
_______________________________________________
freebsd-securityfreebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribefreebsd.org"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]