In CentOS/RHEL 7, the /etc/pam.conf is depreciated and /etc/pam.d/remote will be used for controlling the telnet services. Follow the steps shown below to enable the telnet access to a group of users only.

 

Enabling telnet for group of users

 

1. Create a new group for users that are allowed to run telnet

# groupadd telnetusers

 

2. Add users to the group

# usermod -G telnetusers user01

 

3. Create the file /etc/security/telnet-group-users, and add the telnetusers group to the file.

# cat /etc/security/telnet-group-users
telnetusers

 

4. Make sure /etc/security/telnet-group-users only writable for root user.

# ls -l /etc/security/telnet-group-users
-rw-r--r-- 1 root root 7 Sept 4 10:32 /etc/security/telnet-group-users

 

5. Add following rules to /etc/pam.d/remote

auth required pam_listfile.so item=group sense=allow file=/etc/security/telnet-group-users

 

6. Verify the telnet connectivity to the server with any one of the user in the group “telnetusers”.

Was this answer helpful? 0 Users Found This Useful (0 Votes)