Mailinglist Archive: opensuse-security (636 mails)
| < Previous | Next > |
RE: new e-mail accounts (group 500 users)
- From: Rolf Angerbauer <Rolf.Angerbauer@xxxxxxxx>
- Date: Fri, 23 Feb 2001 10:26:15 +0100
- Message-id: <6B541D2B9EE8D411893D0000CB6602A80C782C@ABX-STGT-EX-02>
Hi Philipp,
you can set the shell for the mail-only users from i.e. /bin/bash to
/bin/false or any other not existent program.
Have a look at your /etc/passwd and edit as mentioned.
This user cant't login without having a valid shell. POP3 and SMTP still
works fine for those users.
If you like users only to not use your sshd, go to your sshd config file
(/etc/ssh/sshd_config)
You can use the "DenyUsers" sshd directive.
entries are separated by spaces, like this:
DenyUsers user1 user2 user3
OK?
Rolf
-----Original Message-----
From: Philipp Snizek [mailto:mailinglists@xxxxxxxxx]
Sent: Friday, February 23, 2001 8:02 AM
To: suse-security@xxxxxxxx
Subject: new e-mail accounts (group 500 users)
Dear list-users,
If I make a new e-mail account for my sendmail it's the same as if I made a
new user account for the mail server. People could login e.g. through ssh.
How can I restrict access to only just the corresponding e-mail account so
users could not log on to the mail server by a terminal client?
Thank you
Philipp
you can set the shell for the mail-only users from i.e. /bin/bash to
/bin/false or any other not existent program.
Have a look at your /etc/passwd and edit as mentioned.
This user cant't login without having a valid shell. POP3 and SMTP still
works fine for those users.
If you like users only to not use your sshd, go to your sshd config file
(/etc/ssh/sshd_config)
You can use the "DenyUsers" sshd directive.
entries are separated by spaces, like this:
DenyUsers user1 user2 user3
OK?
Rolf
-----Original Message-----
From: Philipp Snizek [mailto:mailinglists@xxxxxxxxx]
Sent: Friday, February 23, 2001 8:02 AM
To: suse-security@xxxxxxxx
Subject: new e-mail accounts (group 500 users)
Dear list-users,
If I make a new e-mail account for my sendmail it's the same as if I made a
new user account for the mail server. People could login e.g. through ssh.
How can I restrict access to only just the corresponding e-mail account so
users could not log on to the mail server by a terminal client?
Thank you
Philipp
| < Previous | Next > |