Follow these steps :
In the Perl Modules module of Webmin, install
In the PAM Authentication module, add a new PAM service called webmin that uses Unix authentication.
In the Webmin Users module, create a new user called something like unixer, with access to the modules that you want all your Unix users to have access to.
In each of the modules unixer has access to, change the module access control to give your users rights only to their own accounts. For example, in the Change Passwords module you should select Only this user for the Users whose passwords can be changed so that Unix users logging in can only change their own passwords.
Click on Configure Unix user authentication below the list of Webmin users and choose Allow any Unix user to login with permissions of user unixer.
Any Unix user should now be able to login to Webmin on your system.
Again, if your system does not use PAM the first two steps can be skipped, and Webmin will read /etc/passwd or /etc/shadow file directly to authenticate users.
Another alternative to doing all this is to install Usermin, which allows all Unix users to login and access only settings belonging to them, using a similar interface to Webmin.
How can I make a Webmin user always use the same password as their shell login?
This can be done by following these steps :
In the Perl Modules module of Webmin.
install Authen::PAM from CPAN.
In the PAM Authentication module, add a new PAM service called webmin that uses Unix authentication.
In the Webmin Users module, click on the user that you want to symchronize with Unix and set his Password option to Unix Authentication.
If PAM is not used on your operating system, the first two steps can be skipped.
Webmin will instead read the /etc/passwd or /etc/shadow file directly to authenticate users who are using the Unix Authentication password mode.
How can I create a Webmin user who can only configure one Apache virtual server or DNS domain?
In the Webmin Servers module.
Create a new user and give him access to only the Apache Webserver module.
After saving, click on Apache Webserver next to the user’s name in the list of Webmin users and use the form that appears to deny him access to everything except one selected virtual server.
Many other modules can also be configured in a similar way to restrict the access of a user to only certain DNS domains, Unix users or mail aliases.
SNMP community user
We know that any monitoring tool (like Nagios , Mrtg etc ) installation needs SNMP to be configured.
In case you find any queries related to “snmp community user”, you can follow the steps below:
Command to use SNMP community user:
net-snmp-config –create-snmpv3-user -ro -a MD5 -A PASSWORD USERNAME
Example:
If I want to create a SNMP community user “admin” with password “tree321″,
then the command will be:
net-snmp-config –create-snmpv3-user -ro -a MD5 -A admin tree321
Note:
Encrypted password of SNMP community user will be stored
in /var/net-snmp/snmpd.conf.
Config file for SNMP : /etc/snmp/snmp.conf
In case you can’t find the command “net-snmp-config”, don’t get panic:)
Just install net-snmp-devel using yum or up2date.
Limit SSH User Logins
SSH logins can be limited to only certain users who need remote access. If you have many user accounts on the system then it makes sense to limit remote access to only those that really need it thus limiting the impact of a casual user having a weak password. Add an AllowUsers line followed by a space separated list of usernames to /etc/ssh/sshd_config. For example:
and restart the sshd service.
