/etc/login.access does not appear to be working
apg last edited by
built on Tue Sep 27 12:13:07 CDT 2016
In previous versions of pfsense, /etc/login.access would restrict who could logon from where.
by adding a few lines, I could restrict root logons from a particular host to pfsense:
- : root : 10.0.0.10
- : root : ALL
It seems to no longer work in this version of pfsense? No matter how I configure /etc/login.access,
any host that knows root password can login. Yes, I am aware that I can set firewall rules to prevent
this, and have done so, but I prefer to have many layers of security.
/etc/pam.d/ssh appears to have the correct line:
account required pam_login_access.so
It seems that this file is just being ignored?