Very happy, today I use a very simple way to solve problems that plague me for several days.
problem:
I have two Linux servers, dividends servers, and secondary servers, and primary servers provide routing, NIS and other services. Through NIS, the secondary server needs to share the user account information above the main server, but for security reasons, all users can only log in to the secondary server via SSH or locally, without logging in to the primary server. That is, the user cannot perform operations on the primary server.
Solution process:
Just start, I have been looking for the NIS configuration method, I hope to solve this problem through NIS, but I have not found the answer. Today is inspired by / sbin / nologin, I want to build a symbolic link below / bin, such as / bin / kalish, then set all the users' shells to / bin / kalish, then on the main server, / bin / kalish points to / sbin / nologin, and the / bin / kalish on the secondary server points to / bin / bash, so that the user can log in and execute the shell on the secondary server, and the user does not log in. In this way, my problem is solved. At the same time, this approach can also be extended to other different shells.
I love linux ...