You can also specify default environment settings in
You can also specify default environment settings in /etc/login.conf. This can be better than setting them in a user’s default .cshrc or .profile, as these settings affect all user accounts immediately upon each user’s next login. Here are some common environment settings. hushlogin If present, no system information is given out during the initial login ignorenologin If present, the user can log in even when /etc/nologin exists nologin If present, the user cannot login path The default search path for programs priority The default process priority, or niceness requirehome If present, the user must have a valid home directory to log in setenv A list of default environment variables shell The shell given to the user; overrides the one in /etc/passwd term The default terminal type, if nothing else tries to set a terminal type umask The default umask welcome The file containing a message displayed to the user upon login FTP Options You can “chroot” FTP users to their home directory via the text file /etc/ftpchroot, but if you have a lot of FTP-only users you’ll be better off using a login class to contain them. It is far more maintainable in the long run. Here are the FTP-affecting login.conf variables: ftpchroot If present, a FTP user is automatically chrooted into their login directory (by default, their home directory) ftp-dir The full path to a login directory for FTP users, to give several FTP users a common directory If you chroot FTP users it’s a good idea to tell them so with a “welcome” message (as described under “Default Environment Settings”). Controlling Password and Login Options You can control various password operations in /etc/login.conf. Unlike the environment setup, many of these can only be set in this file. OpenBSD also includes some very extensive methods to control how authentication works: see Authentication. Here are some common options for boring password authentication. localcipher This controls the password encryption method. This defaults to blowfish hashing, but you could set this to “old” for compatibility with the 56-bit DES hashes used in many older versions of UNIX. login-backoff This controls how quickly a user can try to log in. After this many login attempts, the login program starts to slow down how often it offers a login prompt. Page 141
Hint: This post is supported by Gama besplatan domen provider