[BSD6] SSH Restriction
Kostik Belousov
kostikbel at gmail.com
Fri Aug 1 12:27:02 UTC 2008
On Fri, Aug 01, 2008 at 02:10:04PM +0200, Ed Schouten wrote:
> Hello Karim,
>
> * karim.bourenane at orange-ftgroup.com <karim.bourenane at orange-ftgroup.com> wrote:
> > I have one question. How i can restrict ( limit ) 1 user to have for
> > exemple 5 ssh connection in simutanous time, no more ?
>
> It's quite funny you ask this question, because I've been working on
> this last week.
>
> The new TTY code, which I'll commit next week, adds a new rlimit to the
> kernel called RLIMIT_NPTS. This rlimit allows you to limit the number of
> pseudo-terminals allocated by a single user. This means you can limit
> the number of login sessions by tuning the "pseudoterminals" field in
> /etc/login.conf.
>
> This seems to work with tools like screen(1), xterm(1), etc.
> Unfortunately I didn't get it working with OpenSSH, because OpenSSH
> allocates terminals while been root. I've already contacted the OpenSSH
> folks about this, but I haven't got any response (yet).
Limit on the allocation of the ptys is useful. Trying to use it to top
the number of the "sessions" may be not. There is a -T option for the ssh(1).
Without clear description of why the restriction is imposed, the question
probably cannot be answered.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-current/attachments/20080801/94d1bdd5/attachment.pgp
More information about the freebsd-current
mailing list