On Fri, 19 Dec 2003, Craig White wrote:
> On Fri, 2003-12-19 at 09:42, Aaron Konstam wrote:
> > We have 40+ machines that are NIS clients of one server. All the machines
> > share a user filesyste. nfs mounted on each client. We want to prevent all
> > but a select few to be able to login to the server. Since all machines
> > have the same effective passwd file it is a problem.
> >
> > We are only interest in ssh access since we have blocked all other types
> > of access to everyone. Any one have some ideas?
> ----
> isn't that what /etc/hosts.allow and /etc/hosts.deny is about?
>
> /etc/hosts.deny
> ALL:ALL
>
> /etc/hosts.allow
> nfs:ALL
> sshd:ALL
>
> man hosts.allow
>
> best to play with restriction based permissions after hours ;-)
>
If for some reason you have trouble doing what you want by specifying
allowed computers in hosts.allow, you can instead use the firewall to
specify which computers are allowed to establish tcp connections on the
ssh port (normally 22).
--
Steven Yellin
--
Shrike-list mailing list
Shrike-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/shrike-list
