On Thu, Dec 04, 2003 at 12:49:46PM +0800, Msquared wrote: > On Wed, Dec 03, 2003 at 11:16:05AM -0600, John Mathey wrote: > > > I had configured a system to prevent a user from logging into a system > > via telnet, but I can't remember now how I did it. Right after the motd > > was displayed, another banner would show up saying this is a closed > > system and shortly thereafter, they were logged out. > > It depends on what your requirements are. Do you need to allow ftp logins > too? Do you need to allow them to retrieve mail via POP or IMAP? > > If you want to block all access to the system for a specific user: > > passwd -l luser > > If you only need to block login services (ftp, sftp, scp, ssh, telnet): > > chsh -s /sbin/nologin luser > > If you have more complicated requirements (such as permit ftp, block > telnet/ssh), let me know. I've managed to configure my system so that you > can grant scp/sftp but block ssh (scp and sftp normally rely on ssh). > > > Either way, you should consider losing telnet and using ssh instead. > There's not much new to learn (download putty, if you're a Windows user, > or just use ssh commandline if you're a *nix user), and you get better > security. A good deal of all this can be done with host.deny and host.allow if the denial is on a machine with a fixed ip basis. -- ------------------------------------------- Aaron Konstam Computer Science Trinity University 715 Stadium Dr. San Antonio, TX 78212-7200 telephone: (210)-999-7484 email:akonstam@xxxxxxxxxxx -- Shrike-list mailing list Shrike-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/shrike-list
