Solved

Telnet login

Posted on 2000-02-21
6
374 Views
Last Modified: 2010-04-21
How can I restrict some groups of users to user Telnet service ?

Andrew
0
Comment
Question by:andrewyu
6 Comments
 
LVL 20

Expert Comment

by:tfewster
ID: 2543528
Do you want to force them to use/prevent them from using telnet to connect TO your server (instead of ftp/rlogin/rsh) or do you want to prevent them from using telnet FROM yur server to ther hosts?
0
 
LVL 15

Expert Comment

by:samri
ID: 2544649
andrewyu,

  On some flavor of unix, you can put /bin/false at the login shell
 for example:
 To prevent user guest from getting to telnet to you machine just change the shell to /bin/false.
 
  guest:x:1003:10:Guest Login:/home/guest:/bin/false

  As for the group.  I'm not sure, I think that you have do the same thing to each and every one in that group.   Tedious huh.  Well you can write a simple script to do the updates.

good luck,

samri
0
 

Author Comment

by:andrewyu
ID: 2546861
Actually, I want to know how can I grant a group of user to use Telnt service ?

Andrew
0
Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

 

Accepted Solution

by:
ddavis42 earned 0 total points
ID: 2547426
If you are using wrappers, and the users are logging in from the same IP addresses each time, you can edit the /etc/netperm-table file and lock them out by excluding their IP addresses.  Kind of a brute force method, but it will work.
0
 
LVL 20

Expert Comment

by:tfewster
ID: 2549902
Create a list of users who are allowed telnet access, e.g. /etc/telnet.allow; Make sure only root can change this file;

Modify /etc/profile, to add the following lines

if [ -n `ps -ef |grep $PPID |grep telnetd` ]
#i.e. connected by telnet
then
      if [ -z `grep $LOGNAME  /etc/telnet.allow ]
      # i.e. user is NOT in the list of allowed telnet users
            echo "You are not allowed telnet access"
            #exit 0
      fi      
fi

After thorough testing, uncomment the "exit 0" line.

Note that this does not check for rlogin or rsh access
0
 

Author Comment

by:andrewyu
ID: 2550614
Thank you very much !

Andrew
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

When you do backups in the Solaris Operating System, the file system must be inactive. Otherwise, the output may be inconsistent. A file system is inactive when it's unmounted or it's write-locked by the operating system. Although the fssnap utility…
Every server (virtual or physical) needs a console: and the console can be provided through hardware directly connected, software for remote connections, local connections, through a KVM, etc. This document explains the different types of consol…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question