Is it possible to deny all NIS users from logging in?
There is no physical access to the host, so if NIS can not be configured to deny all, is the solution then to configure SSH to only allow root to login?
Asked
Active
Viewed 1,397 times
1 Answers
3
Why do you need NIS authentication in the first place then? You can simply take out 'nis' from the passwd/shadow/group lines in /etc/nsswitch.conf if you don't need to use NIS.
Alternatively, you can restrict logins by editing the local /etc/passwd file. Just append something like +::::::/bin/false to the tail, which will disallow any logins not specifically listed in /etc/passwd. If you need to allow certain NIS users or groups, you can add lines for them in the file as well (+user1:::::: or +@group1::::::).
-
Because I have an NFS mount point on the host, where the NIS users have their data. So in order to see the file/directory ownerships with usernames, I need to have a full featured NIS? – Sandra Apr 23 '13 at 10:34
-
Updated my answer with another way to do it – vicfn Apr 24 '13 at 16:22