Is it possible to deny all NIS users from logging in?
There is no physical access to the host, so if NIS can not be configured to deny all, is the solution then to configure SSH to only allow root to login?
Linux – Possible to deny all NIS users from logging in over SSH
centoslinuxnissshUbuntu
Related Topic
- Disable SSH Password Login – How to Disable SSH Login with Password for Some Users
- Linux – Block All Users But One From SSH Access
- Ssh – Passwordless ssh with NFS+NIS
- Linux – NIS: which mechanism hides shadow.byname for unpriviledged users
- How to have logs about users logins/logouts in a NIS server
- One of the NIS users can’t login – why
- NIS users suddenly can’t login to SSH
Best Answer
Why do you need NIS authentication in the first place then? You can simply take out 'nis' from the passwd/shadow/group lines in
/etc/nsswitch.confif you don't need to use NIS.Alternatively, you can restrict logins by editing the local /etc/passwd file. Just append something like
+::::::/bin/falseto the tail, which will disallow any logins not specifically listed in /etc/passwd. If you need to allow certain NIS users or groups, you can add lines for them in the file as well (+user1::::::or+@group1::::::).