My goal is to restrict access to who can ssh into a server using the pam_group.so
I tried these settings into /etc/pam.d/sshd
But it does not work, I only have a generic failure message in auth.log
I tried these settings into /etc/pam.d/sshd
Code:
# auth
auth sufficient pam_opie.so no_warn no_fake_prompts
auth requisite pam_opieaccess.so no_warn allow_local
#auth sufficient pam_krb5.so no_warn try_first_pass
#auth sufficient pam_ssh.so no_warn try_first_pass
[B]auth required pam_group.so group=wheel[/B]
auth required pam_unix.so no_warn try_first_pass
# account
account required pam_nologin.so
#account required pam_krb5.so
account required pam_login_access.so
account required pam_unix.so
# session
#session optional pam_ssh.so
session required pam_permit.so
# password
#password sufficient pam_krb5.so no_warn try_first_pass
password required pam_unix.so no_warn try_first_pass
But it does not work, I only have a generic failure message in auth.log
Code:
error: PAM: authentication error for [I]user[/I] from [I]hostname[/I]