?
Solved

Telnet login

Posted on 2000-02-21
6
Medium Priority
?
382 Views
Last Modified: 2010-04-21
How can I restrict some groups of users to user Telnet service ?

Andrew
0
Comment
Question by:andrewyu
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 21

Expert Comment

by:tfewster
ID: 2543528
Do you want to force them to use/prevent them from using telnet to connect TO your server (instead of ftp/rlogin/rsh) or do you want to prevent them from using telnet FROM yur server to ther hosts?
0
 
LVL 15

Expert Comment

by:samri
ID: 2544649
andrewyu,

  On some flavor of unix, you can put /bin/false at the login shell
 for example:
 To prevent user guest from getting to telnet to you machine just change the shell to /bin/false.
 
  guest:x:1003:10:Guest Login:/home/guest:/bin/false

  As for the group.  I'm not sure, I think that you have do the same thing to each and every one in that group.   Tedious huh.  Well you can write a simple script to do the updates.

good luck,

samri
0
 

Author Comment

by:andrewyu
ID: 2546861
Actually, I want to know how can I grant a group of user to use Telnt service ?

Andrew
0
Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

 

Accepted Solution

by:
ddavis42 earned 0 total points
ID: 2547426
If you are using wrappers, and the users are logging in from the same IP addresses each time, you can edit the /etc/netperm-table file and lock them out by excluding their IP addresses.  Kind of a brute force method, but it will work.
0
 
LVL 21

Expert Comment

by:tfewster
ID: 2549902
Create a list of users who are allowed telnet access, e.g. /etc/telnet.allow; Make sure only root can change this file;

Modify /etc/profile, to add the following lines

if [ -n `ps -ef |grep $PPID |grep telnetd` ]
#i.e. connected by telnet
then
      if [ -z `grep $LOGNAME  /etc/telnet.allow ]
      # i.e. user is NOT in the list of allowed telnet users
            echo "You are not allowed telnet access"
            #exit 0
      fi      
fi

After thorough testing, uncomment the "exit 0" line.

Note that this does not check for rlogin or rsh access
0
 

Author Comment

by:andrewyu
ID: 2550614
Thank you very much !

Andrew
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Attention: This article will no longer be maintained. If you have any questions, please feel free to mail me. jgh@FreeBSD.org Please see http://www.freebsd.org/doc/en_US.ISO8859-1/articles/freebsd-update-server/ for the updated article. It is avail…
I promised to write further about my project, and here I am.  First, I needed to setup the Primary Server.  You can read how in this article: Setup FreeBSD Server with full HDD encryption (http://www.experts-exchange.com/OS/Unix/BSD/FreeBSD/A_3660-S…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.
Suggested Courses
Course of the Month12 days, 13 hours left to enroll

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question