SUMMARY: not allowing users to login to an NFS server

Date: Fri May 31 1991 - 12:58:19 CDT

Thanks for the almost immediate replies!

Summary of my question:

Trying to disallow logins for all but a selected few managers but still knowing
who everybody was via NIS.

Summary of solutions (in order of suitabilty for our situation):

1. put the following entry at the end of /etc/passwd

+@admin::0:0::: (this is optional and admin is a netgroup)

where not_welcome can be a simple script that type out a messages telling
users to use other machines instead.

This will take care of almost everything, telnet, ftp, rlogin and rsh.

For explanation see "man 5 passwd"

2. create a file /etc/nologin and both telnet and rlogin will be taken
   care of. [see man login]

   Only root can login when an /etc/nologin file exists. This does not prevent
   rsh or ftp.

3. remove entries for in.telnetd, in.rshd and in.rlogind.


Most people seem to like solution 1. I feel grateful to all who responded,
in order of mail arrival: [who interestingly suggest that we should forget
                                about NIS]

This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:06:14 CDT