Login restrictions in NIS environment
Richard Hobbs
richard.hobbs at crl.toshiba.co.uk
Wed Jun 8 10:57:58 UTC 2005
Hello,
Banning particular IP addresses is useless to us... We need to ban
particular users.
For example, if we ban fred's machine, fred can still log in from a
different machine. We need to ban fred from every machine, but he still
needs to be able to log into other machines on the network.
Thanks again,
Richard.
--
Richard Hobbs (Systems Administrator)
Toshiba Research Europe Ltd. - Speech Technology Group
Web: http://www.toshiba-europe.com/research/
Email: richard.hobbs at crl.toshiba.co.uk
Tel: +44 1223 376964 Mobile: +44 7811 803377
> -----Original Message-----
> From: redhat-list-bounces at redhat.com
> [mailto:redhat-list-bounces at redhat.com] On Behalf Of Cecilio Marín
> Sent: 08 June 2005 11:13
> To: General Red Hat Linux discussion list
> Subject: Re: Login restrictions in NIS environment
>
> Hi,
>
> I thought asigns each service an IP (logically, a machine
> with multiple
> IPs), and then making use of a firewall (as iptables), restricting
> services use by rules. This only restrict by machines
> IPs/services, but
> not by users (I believe you only want restrict machines).
>
>
> Also, other method is server use one IP, but using wrappers
> hosts.allow,
> hosts.deny by services and IP ranges. This method permits
> specify user
> rules (in theory):
>
> sshd: user at machine.com <--- Applies to the specific user on the
> given computer.
> sshd: ALL EXCEPT user at machine.com <--- in hosts.deny, deny all
> except specific user from specific machine.
>
> Good luck!
>
>
> Richard Hobbs escribió:
>
> >Hello,
> >
> >Thanks for your response, but I don't quite understand it...
> >
> >What do you mean by "Separe services by IPs"?
> >
> >And how can I restrict logins per IP? Will this allow me to
> restrict certain
> >users from any IP, but to allow other users from any IP?
> >
> >Thanks again,
> >Richard.
> >
> >
> >
>
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>
> _____________________________________________________________________
> This e-mail has been scanned for viruses by MCI's Internet
> Managed Scanning Services - powered by MessageLabs. For
> further information visit http://www.mci.com
>
>
_____________________________________________________________________
This e-mail has been scanned for viruses by MCI's Internet Managed Scanning Services - powered by MessageLabs. For further information visit http://www.mci.com
More information about the redhat-list
mailing list