Hello.
I have a linux server with an sftp operating. I need to allow some to manage only the users used to connect to the sftp server and by manage I actually mean to only unlock them when they get blocked for incorrect login attemps for example.
Can webmin do this and if it does, can you point me to the documentation on the specific configuration needed the achive this and the user manuals?
Thanks a lot!!
Yes, it can. Check “Webmin ⇾ Webmin Users: username ⇾ Available Webmin modules: System / Users and Groups” module access control page.
Webmin docs for the Users and Groups module is here: Users and Groups | Webmin
But, what you have is an access control question, which would be answered by Webmin Users | Webmin
Access control is configured in the same way regardless of what module you’re controlling access to.
@Ilia, @Joe: I managed to implement almost all that I needed, but I’m lacking the most import factor in my need: to be able to unlock ssh users faillocked after a number of failed ssh logins.
Is there a way to tell webmin to work the enable/disable user feature withthe ‘faillock --user’ command instead of ‘usermod -L’ command?
Also, the users list in the Users and Groups Module, display disabled users with italic format for users disabled with usermod -L, I need a way to visualize which users are pam faillocked (like when you lock a user with the faillock --user command).
I tried to see the code in the github repository but couldn’t do much since I’m not familiar with perl and cgi programming.
If it helps, I have a RHEL Oracle Linux 9.6 installation running a SFTP server based on openssh-server. What I want is to have a very restricted webmin user that can only unlock SFTP users that faillocked their user because they failed a number of ssh login attempts.
Thanks.
Webmin doesn’t currently have any awareness of faillock, you’d need to write some code (or need someone else to write some code) to get what you’re after.
You could use Custom Commands to allow a user to unlock a given user. You could also give them a command to list.
Custom Commands allow you to delegate running a given command, with optional user-provided arguments (including a User field, that allows selecting a username from a dropdown), and display the results. So, you could have one that lists locked users and one that accepts a username to unlock.
Docs for that are here: Custom Commands | Webmin
So, that gets you a workable solution in a few minutes. Not exactly the ideal user experience, but functional. To make it nice and integrated with the Users and Groups module will, as mentioned, require some code.
Thanks @Joe! I will try both the custom commands and writing code, I was already thinking about learning some perl and cgi.
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.