Les Mikesell wrote:
edwardspl@xxxxxxxxxx
wrote:
Tom Spec wrote:
What do you mean by "solution"? Do you
want to stop people from logging in when they have the correct
password?
You should make your passwords strong enough so that people cannot
(easily) guess/hack them.
Don't allow people to log in as root remotely.
You can limit where people can log in from by using iptables.
Tom
If there is ssh-telnet service for user...
Then is there a solution to fix the problem of hack ( although someone
who know the user's password, but they can't modify / delete any
profile files, so the user who can login to the server nect time again
) ?
eg : limit user profile ( user account ) ?
if so, how to do this ?
Edward.
I think the real solution is to teach your user that it is important
not to let others know his password if he hasn't figured that out
himself yet. And if others do need this access they should have their
own accounts instead of being able to pretend to be someone else.
Hello,
But I think the user account ( profile files ) is also problem, so, I
want to know how limit the related files ( including the dot file ) !
Edward.
|