On 11/09/2011 05:53 AM, Mike VanHorn wrote: >> You'll probably need to add a pam_access.so reference to the stock >> /etc/pam.d/password-auth. Make the first "account" line >> >> account required pam_access.so > My CentOS system doesn't have a stock password-auth file. I tried creating > one with that line in it, but that didn't work. Also, per some web pages I > found, I tried putting that line into system-auth, but that didn't work > either. i use this line in my /etc/pam.d/sshd file and it works correctly. i don't have other services, so i haven't put it in system-auth (or password-auth which is centos 6), but it does seem like it should work there as well. keep in mind that other things may interfere, there is a rule in system-auth that allows anyone with uid < 500 in, so that could be clouding things for you.