Linux账号与身份管理第六部分
cat /etc/passwd | more
usermod -s /sbin/nologin testone
grep testone /etc/passwd
用testone登陆,出现this account is currently not available 的提示信息
vi /etc/nologin.txt
sorry ,you are not allow to login this time
保存退出
再次用testone登陆,出现sorry,you are not allow to login this time 的提示信息
统计passwd中各shell出现的次数
cat /etc/passwd
vi awk.sh
#!/bin/awk -f
BEGIN{
FS=":"
}
{
if($7=="/bin/bash") bash=bash+1
if($7=="/sbin/nologin") nologin=nologin+1
}
END{
print "/bin/bash times is :" bash
print "/sbin/nologin times is :" nologin
}
保存退出
awk -f awk.sh /etc/passwd
chmod 744 awk.sh
./awk.sh /etc/passwd
vi bash.sh
#!/bin/bash
read -p "Please input the /etc/passwd :" path
if [ -z "$path" -o "$path" != "/etc/passwd" -o ! -e "$path" ]; then
echo "sorry,the path is not right"; exit 1
fi
allshell=`cut -d : -f 7 "$path"`
for oneshell in $allshell
do
if [ "$oneshell" = "/bin/bash" ]; then
bash=$(($bash+1))
fi
if [ "$oneshell" == "/sbin/nologin" ]; then
nologin=$(($nologin+1))
fi
done
echo "/bin/bash has $bash times"
echo "/sbin/nologin has $nologin times"
bash bash.sh
输入/etc/passwd
PAM认证模块
ls /etc/security
ls /lib/security 
cd /etc/pam.d
ls
vi sshd
添加一行
account required pam_access.so
保存退出
cd /etc/security
ls
vi access.conf
添加
- : testone : ALL
保存推出
这里已经设置为所有ip都无法登陆testone账号
ssh testone@localhost
输入密码提示 Connection close by 127.0.0.1 无法登陆
vi access.conf
修改
- : testone : ALL EXCEPT 127.0.0.0/24
保存退出
220
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
