Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    /etc/login.access does not appear to be working

    Scheduled Pinned Locked Moved General pfSense Questions
    1 Posts 1 Posters 305 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      apg
      last edited by

      2.3.2-RELEASE-p1 (amd64)
      built on Tue Sep 27 12:13:07 CDT 2016
      FreeBSD 10.3-RELEASE-p9

      In previous versions of pfsense, /etc/login.access would restrict who could logon from where.

      by adding a few lines, I could restrict root logons from a particular host to pfsense:

      • : root : 10.0.0.10
      • : root : ALL

      It seems to no longer work in this version of pfsense? No matter how I configure /etc/login.access,
      any host that knows root password can login.  Yes, I am aware that I can set firewall rules to prevent
      this, and have done so, but I prefer to have many layers of security.

      /etc/pam.d/ssh appears to have the correct line:
      account        required        pam_login_access.so

      It seems that this file is just being ignored?

      -al

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.