Quote:> I need to have a generic user name and
> password for my systems however I
> don't want users to use this user name
> and password to log in.
I believe I understand what you're asking. You don't want the
"special" account to login directly to the box. You want to force
users to su to that account - which is nice because it creates an
audit trail. Here is how we do it.
First, we make all user accounts use /bin/ksh as their default shell.
This means that when they login, the /etc/profile file is executed.
Second, we modify /etc/profile. If the user's shell is ksh, it
compares their login ID to a special file. This file is a list of
usernames which are NOT allowed to login directly. This file would
contain the name of your "special" account. If /etc/profile
determines that the "special" account is attempting to login directly
via telnet or SSH, it displays a warning message and kicks them off
This is fairly simple and crude, but it works suprisingly well. Let
me know if you'd like to see the shell code and I can e-mail it to
I hope this helps.