OS version:Red Hat Enterprise Linux Server release 6.4
Kernel version:2.6.32-358.el6.x86_64


-------------------------------------------------------------------------


准备工作:
[root@Zhai ~]# groupadd pam_ssh
[root@Zhai ~]# useradd pam_test1 -G pam_ssh
[root@Zhai ~]# useradd pam_test2 -G pam_ssh
[root@Zhai ~]# useradd pam_test3
[root@Zhai ~]# useradd pam_test4
[root@Zhai ~]# useradd pam_test5


验证pam_permit.so:
[root@Zhai ~]# vi /etc/pam.d/sshd

#%PAM-1.0
auth            required        pam_permit.so
account         required        pam_unix.so
session         required        pam_loginuid.so


pam_permit.so…pam_deny.so…pam_time.so…pam_echo.so…pam_limits.so_第1张图片




验证pam_deny.so:
[root@Zhai ~]# vi /etc/pam.d/sshd

#%PAM-1.0
auth            required        pam_deny.so
account         required        pam_unix.so
session         required        pam_loginuid.so


pam_permit.so…pam_deny.so…pam_time.so…pam_echo.so…pam_limits.so_第2张图片




验证pam_time.so:
[root@Zhai ~]# vi /etc/pam.d/sshd

#%PAM-1.0
auth            required        pam_permit.so
account         required        pam_unix.so
account         required        pam_time.so
session         required        pam_loginuid.so


[root@Zhai ~]# vi /etc/security/time.conf

# Add by zhai_kang
# The default is to accept
# Only 01:00-01:04 Tuesday,Wednesday 00:05-00:08, pam_test3 can't log in via ssh
sshd;*;pam_test3;Tu0100-0104 | We0005-0008
# Only 01:00-01:04 Tuesday, pam_test4 can't log in via ssh
sshd;*;pam_test4;!Tu0100-0104
# Only 01:00-01:04 Tuesday, pam_test5 can log in via ssh
sshd;*;pam_test5;Tu0100-0104



pam_permit.so…pam_deny.so…pam_time.so…pam_echo.so…pam_limits.so_第3张图片


pam_permit.so…pam_deny.so…pam_time.so…pam_echo.so…pam_limits.so_第4张图片


pam_permit.so…pam_deny.so…pam_time.so…pam_echo.so…pam_limits.so_第5张图片


pam_permit.so…pam_deny.so…pam_time.so…pam_echo.so…pam_limits.so_第6张图片




验证pam_echo.so:
[root@Zhai ~]# vi /etc/pam.d/sshd

#%PAM-1.0
auth            required        pam_permit.so
account         required        pam_unix.so
session         required        pam_echo.so file=/etc/message


[root@Zhai ~]# vi /etc/message 

+---------------------------------------------------+
                welcome to %h Server
                Login User: %u
                Login from: %H
+---------------------------------------------------+



pam_permit.so…pam_deny.so…pam_time.so…pam_echo.so…pam_limits.so_第7张图片




验证pam_limits.so:
[root@Zhai ~]# vi /etc/pam.d/sshd

#%PAM-1.0
auth            required        pam_permit.so
account         required        pam_unix.so
session         required        pam_limits.so debug conf=/etc/security/limits.conf


[root@Zhai ~]# vi /etc/security/limits.conf 

pam_test3       -       maxlogins       2


[root@Zhai ~]# > /var/log/secure



pam_permit.so…pam_deny.so…pam_time.so…pam_echo.so…pam_limits.so_第8张图片


[root@Zhai ~]# cat /var/log/secure

pam_permit.so…pam_deny.so…pam_time.so…pam_echo.so…pam_limits.so_第9张图片





-------------------------------------------------------------------------


The detailed information:man pam_permit
The detailed information:man pam_deny
The detailed information:man pam_time
The detailed information:man pam_echo
The detailed information:man time.conf
The detailed information:man pam_limits
The detailed information:man limits.conf