look at /etc/hosts.deny
> Hi,
> I just took over SA. In our hosts, there was a setting that can not allow any user login from some hosts. Our OS is Sun OS 4.1.4. Does there anyone konw where the setting is?
> Thanks a lot.
> Kevin Chen.
by Tim Smit » Fri, 19 Mar 1999 04:00:00
> I just took over SA. In our hosts, there was a setting that can not allow any user login from some hosts. Our OS is Sun OS 4.1.4. Does there anyone konw where the setting is?
> Thanks a lot.
> Kevin Chen.
by John Wan » Fri, 19 Mar 1999 04:00:00
The most common way of denying logins for specific hosts would be to
install tcpwrappers. Do a "grep tcpd /etc/inetd.conf" to see if
tcpwrappers is in use. If it's in use read the man pages and edit
/etc/hosts.allow and /etc/hosts.deny appropriately.
Another approach and one that I consider more interesting is to limit
login's by netgroups but so far I've never met a sysadmin other than
myself that does it.
> Hi,
> I just took over SA. In our hosts, there was a setting that can not allow any user login from some hosts. Our OS is Sun OS 4.1.4. Does there anyone konw where the setting is?
> Thanks a lot.
> Kevin Chen.
1. Root login restrictions, without complete su restriction?
I'm trying to help a client beef up the previously lax security on their
AIX 4.1.4 system, and what I'd like to be able to do is something that
other UNIX operating systems allow, and I'm just having a bit of trouble
figuring out how to implement it on AIX.
I'd like to restrict anyone from logging in directly as "root" on all
terminals except for the console, but allow users in the "system" group
to "su" to root. I've got this working with "rlogin" and "telnet" by
disallowing remote logins in root's security characteristics, but as
far as I've been able to figure out so far, restricting the terminals
is essentially an all-or-nothing proposition.
If I restrict root to "/dev/tty0", the console, not only can I not log
in as root anywhere else, but I also can't "su" to root, even though
I'm in the system group.
Is there some way to prevent a direct login as root, but still allow
"su" by authorized users? Is there some concept of an "unsecure"
terminal?
Thanks for any suggestions!
-Mike Pelletier.
3. UNIX login attempt restriction
4. Top 10 posters comp.unix.questions
6. Compling error Apache on SCO Unix
7. NIS-Server login restriction
8. Shutdown/ATX Mainboard question
9. Login Restriction Problem, Pls help
10. RADIUS Server--Sun Directory Services 3.1--Restriction of multiple logins with same userid
12. Access control in Apache: how to combine domain restriction and login access?