InfrastructureConstruction:RHEL8:AccessControl-pam.d-sshd
72.アクセス管理-pam.d-sshd
/etc/pam.d/sshd設定
#変更 vi /etc/pam.d/sshd
/etc/pam.d/sshd設定詳細
ハイライト行を追記する。
/etc/security/access.confの設定を反映する。
pam_access.soは/etc/security/access.confに書かれた制限を適用します。
#%PAM-1.0 auth substack password-auth auth include postlogin account required pam_sepermit.so account required pam_access.so account required pam_nologin.so account include password-auth password include password-auth # pam_selinux.so close should be the first session rule session required pam_selinux.so close session required pam_loginuid.so # pam_selinux.so open should only be followed by sessions to be executed in the user context session required pam_selinux.so open env_params session required pam_namespace.so session optional pam_keyinit.so force revoke session optional pam_motd.so session include password-auth session include postlogin
https://plaza.rakuten.co.jp/takaokin/diary/201808130000/
/etc/pam.d/sshd初期値
#%PAM-1.0 auth substack password-auth auth include postlogin account required pam_sepermit.so account required pam_nologin.so account include password-auth password include password-auth # pam_selinux.so close should be the first session rule session required pam_selinux.so close session required pam_loginuid.so # pam_selinux.so open should only be followed by sessions to be executed in the user context session required pam_selinux.so open env_params session required pam_namespace.so session optional pam_keyinit.so force revoke session optional pam_motd.so session include password-auth session include postlogin
InfrastructureConstruction/RHEL8/AccessControl-pam.d-sshd.txt · 最終更新: 2021/01/01 by 127.0.0.1