Cinergi - you know my configuration from post "PASSWORD problem!". I use libnss generaly for sendmail [email account] cause authentication for ftp,pop3 and imp I use pam_mysql. User with shell acces is stored in passwd. I want to deny any possibility to access to ssh with libnss. How to do that.
p.s even if I changed shell to /bin/bash in mysql I can't log on. That's good :) but I think that is something wrong with my configuration.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Cinergi - you know my configuration from post "PASSWORD problem!". I use libnss generaly for sendmail [email account] cause authentication for ftp,pop3 and imp I use pam_mysql. User with shell acces is stored in passwd. I want to deny any possibility to access to ssh with libnss. How to do that.
p.s even if I changed shell to /bin/bash in mysql I can't log on. That's good :) but I think that is something wrong with my configuration.
Several pam modules could accomplish this .. like pam_localuser or pam_listfile. Just make sure it's part of the ssh pam stack.
So long as you're storing encrypted passwords in MySQL PASSWORD format, there's no chance of any application allowing access unless:
1) specifically configured via pam_mysql
2) some sort of ssh key or .rhosts authentication where the password isn't used/required
thanks for your all help
great soft!!
good luck