Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Limit users to logging in from one concurrent host

Posted on 2004-11-30
9
Medium Priority
?
280 Views
Last Modified: 2010-04-20
I realy want to do this as a means to discourage the sharing of accounts (a rampant problem at my company).

Users need to be able to use thier account from any host, and need to be logged in from the same host multiple times, but I dont want them using the same account from a second host concurrently.

Any suggestions on how to implement this under suse 9.1?
0
Comment
Question by:squatex
8 Comments
 
LVL 2

Expert Comment

by:garak1357
ID: 12708449
More information is really needed.  What type of logon are you talking about?  SSH?  Telnet?  Samba Domain?  It would also be helpful to know what is the general landscape of your network.  Are they all Suse Linux systems?  Do you have any Windows or UNIX systems?

This is an interesting question.  I'm not sure I can help but I'd like to know more to give it some thought.
0
 
LVL 4

Author Comment

by:squatex
ID: 12709032
These are all windows  clients and a single Suse 9.1 server. The telnet and ssh sessions are all I really care about in this context. They all connect (we max out at about 130 users) via telnet/shh to run a custom finance app.

Fact is, I really dont have alot of control at the network level so making changes there is kind of moot. I do have complete control of this box though.

I was hoping there was some kind of built in functionality in PAM that would allow me to do this, otherwise Ive got a nasty shell script to write.

0
 
LVL 38

Expert Comment

by:yuzh
ID: 12712213
I think it is easier to write a wrapper script for your app, maintain a counter in your system, check the number of instance of the app is running before start a new one.

0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 4

Author Comment

by:squatex
ID: 12763889
yuzh - This will not work because users may or may not be running multiple instances of the app. Im looking to do this at the telent/ssh level anyway.
0
 
LVL 38

Expert Comment

by:yuzh
ID: 12764455
To limit telnet or ssh session, you can modify /etc/profile, please see
my answer in:
      http:Q_21193950.html
0
 
LVL 4

Author Comment

by:squatex
ID: 12764777
Yea but that doesnt fit the criteria.

Nevermind I figured it out anyway. Thank you  for trying to help me out.

Just in case anyone needs it add it to you ~/.profile.:

hostlist=`last  | grep $USER[[:space:]] | grep "still logged in" | cut -c 23-39`
telnetmyhost=`echo $REMOTEHOST | cut -c 1-16`
sshmyhost=`echo $SSH_CONNECTION | awk '{print $1}' | cut -d: -f4`
if [ $telnetmyhost = "" ]
then
myhost=$sshmyhost
else
myhost=$telnetmyhost
fi
for ahost in $hostlist
do
if [ $ahost != $myhost ]
then
kill -9 $$
fi
done
0
 
LVL 38

Expert Comment

by:yuzh
ID: 12769791
Agree with PAQ / Refund

  Cheers!

yuzh

     PS: to check user current login to the system "who" is better than "last", "who" still can give you
           the remote login infor.
0
 

Accepted Solution

by:
modulo earned 0 total points
ID: 12799461
Closed, 300 points refunded.

modulo
Community Support Moderator
Experts Exchange
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction We as admins face situation where we need to redirect websites to another. This may be required as a part of an upgrade keeping the old URL but website should be served from new URL. This document would brief you on different ways ca…
In the first part of this tutorial we will cover the prerequisites for installing SQL Server vNext on Linux.
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial
Suggested Courses
Course of the Month14 days, 9 hours left to enroll

577 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question