Limit logins on a group of machines?
Charles Jones
charles.jones at ciscolearning.org
Wed Jun 17 11:31:39 MST 2009
Bill Jonas wrote:
> Hi all,
>
> I was wondering if anybody might point me in the right direction here.
> I know that for limiting concurrent logins on a *single* machine,
> you can set "maxlogins" in /etc/security/limits.conf.
>
> However, this is only good for that single system. Suppose you have
> three machines (foo, bar, and baz), and you wish to restrict the number
> of total logins across all three servers. For example, you wish to
> specify that a user may only log in once, total, on this set of systems.
>
> I've searched Google with very little luck. Most of the results are
> either about limits.conf, limiting concurrent logins on a Windows
> domain (yes, even with search terms of 'linux limit concurrent network
> logins' and the like), or are otherwise irrelevant.
>
> Can anyone provide any clues, point me in the right direction, or at
> least let me know I'll have to hack something together with finger,
> rwho, and/or a custom PAM module? :)
>
> Thanks!
>
What if, you created a watchdog script that ran on a central machine,
that every X seconds would ssh to all 3 machines and check for their
login. and if it sees them login to one of the machines it locks their
account and kills any existing logins on the other two? :-)
More information about the PLUG-discuss
mailing list