Authentication based on any of the PAM module

ssh linux authentication sftp pam

Solution 1:

I had a similar problem. The solution I found was:

  1. create an authentication stand-alone lib
  2. use authentication lib in the pam module
  3. to create a custom NSS plugin (from this https://github.com/donapieppo/libnss-ato ) and check with the authentication lib to see which local user accounts to map to (e.g. : "ftp_restricted_user" or "full_access_user" depending on the username)

so basically, when a user tries to loggin with ssh or sftp, the NSS plugin is called and maps the requested user-id to the local unix account. Then PAM comes into play just to check if the credentials are ok.

Hope this helps..

Related

Is it required to register a name server with GLUE records?
Apache2: nested require statements within Location
Moving Files After Conversion to pdf
How to reset the admin password for Observium
Validate tar extraction
How to restart service after some time?
Do I use whom or who in this sentence? [duplicate]
Word to describe a group of businesses selling the same product in the same location
Someone who carries out medical procedures in a UI
Can a phrasal adjective be placed AFTER a noun? [closed]
In which varieties of English is 't' in 'often' silent? [duplicate]
"Waiting for" or "Awaiting for"? [closed]