Book Image

CentOS System Administration Essentials

Book Image

CentOS System Administration Essentials

Overview of this book

Table of Contents (18 chapters)
CentOS System Administration Essentials
About the Author
About the Reviewers

Limits of PAM

Let's stick with using the SSH login at the moment. Many users will only access the server via SSH, perhaps using the PuTTY SSH client on Windows. If we want to control access to system resources, then we can implement restrictions using PAM and We should add the following line to the /etc/pam.d/sshd file:

session required

This will implement the module, however, we still have to set the restrictions in the /etc/security/limits.conf file; the module reads from this file. The file's structure is set as follows with these elements making up a line in the limits file:

<domain> <type> <item> <value>


Domain represents to whom the limit is intended. This, most often, is a username such as user1 or a group entry such as @users; the @ symbol differentiates between user and group names. To implement a default restriction to apply to all accounts that do not have their own entry is the wildcard *.


Type can be set to soft, hard...