telnet/sshd limited by user?

Benjamin Lutz benlutz at
Sun Aug 7 22:32:43 GMT 2005

>     Is it possible to set things so that 'telnet' is allowed only to one
> specific user, while everyone else needs sshd? ie: Obviously, nologin
> can be used as a shell to not permit any logins (but makes 'su' break
> too), but I'd like to allow telnet for one specific user only and keep
> everyone else on sshd.

Yes, by playing with PAM. You can change telnetd's PAM configuration
(/etc/pam.d/telnetd) to include a group check:

auth	requisite	no_warn group=telnetusers

Then create a group "telnetusers", and make your telnet user a member of it.

Haven't tested it myself, hope it works.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 186 bytes
Desc: OpenPGP digital signature
Url :

More information about the freebsd-questions mailing list