Iptables and Logins at boot-up

Andor Demarteau andor at nl.linux.org
Sun Oct 10 09:15:43 UTC 2004

On Sat, 9 Oct 2004, John J. Boyer wrote:

 > Thanks to all who helped with the ssh problem. There were two gotchas.
 > Iptables was blocking all connections, and password authentication was
 > turned off. Now I want to use the target machine to receive mail and for
 > backup. When I boot the target machine, iptables is on and I have to log
 > in as root to turn it off. How can I set iptables to be off at boot time?
 > Or, better, to accept ssh and scp only from the source machine?
well if you can login already as root, you probably can login as any user.

Find the line in your rule-set that allows ssh-access (port 22).
add to this line the -s or --source flag with the ip-address of the
providing the output-chaing allows all outgping traffic, that's all.

Disableing iptables may not be a good idea security-wise.

 > Two user accounts receive mail continuously. I would like to have them
 > automatically logged on at boot time. Is this possible? How?
that's a tricky one.
what you may wnat to do is edit your inittab file and change one of the
lines looking like this (on debian at least):
1:2345:respawn:/sbin/getty 38400 tty1
chagne the last part.
what you could try (note that this is something i haven't tried)
is install sudo and use: sudo -u <user> -H -s (check man for correct
at the correct user -H for the correct enviroment and -s to get a shell or
chagne -s to i.e. start pine/mutt directly.

good luck.

 > Thanks,
 > John

Andor Demarteau                 E-mail: andor at nl.linux.org
student computer science        www: http://www.nl.linux.org/~andor
UU based & VU guest-student     jabber,icq,msn,voip: do ask ;)
chairman Stichting Studiereizen STORM www: http://www.stistusto.nl
vice-chairman USF Studentenbelangen executive committee 2002-2003

More information about the Blinux-list mailing list