help with login.conf session limiting
Andy Gilligan
andy at glbx.net
Fri Nov 28 13:25:51 PST 2003
On Fri, 28 Nov 2003 at 09:13, Farid Hajji wrote:
> On Friday 28 November 2003 04:47 am, Julian C. Dunn wrote:
> > I wonder if any of you have ever tried to restrict the # of simultaneous
> > sessions on a FreeBSD box using login.conf. I'm trying to use the
> > 'sessionlimit' but it appears to be doing diddly squat. The class in
> > question is the following "subshell" one:
>
> login.conf is only used by login(1), not by sshd.
> Try setting UseLogin in /etc/ssh/sshd_config
> if you want sshd to use login, and therefore these
> settings. Beware: this is NOT recommended.
I've never had any problem using login.conf settings with sshd.
Resource limits, environment, path, umask, etc.. all work without
any trouble.
UseLogin is disabled in my sshd_config, but I understand that openssh
will use setusercontext(3) (and similar) on *BSD systems to enforce
login.conf settings.
In fairness however, I haven't tried setting 'sessionlimit'
in login.conf - PAM would probably be a better option.
-Andy
More information about the freebsd-stable
mailing list