[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

RE: Login restrictions in NIS environment



Hello,

Banning particular IP addresses is useless to us... We need to ban
particular users.

For example, if we ban fred's machine, fred can still log in from a
different machine. We need to ban fred from every machine, but he still
needs to be able to log into other machines on the network.

Thanks again,
Richard.

-- 
Richard Hobbs (Systems Administrator)
Toshiba Research Europe Ltd. - Speech Technology Group
Web: http://www.toshiba-europe.com/research/
Email: richard hobbs crl toshiba co uk
Tel: +44 1223 376964        Mobile: +44 7811 803377 

> -----Original Message-----
> From: redhat-list-bounces redhat com 
> [mailto:redhat-list-bounces redhat com] On Behalf Of Cecilio Marín
> Sent: 08 June 2005 11:13
> To: General Red Hat Linux discussion list
> Subject: Re: Login restrictions in NIS environment
> 
> Hi,
> 
> I thought asigns each service an IP (logically, a machine 
> with multiple 
> IPs), and then making use of a firewall (as iptables), restricting 
> services use by rules. This only restrict by machines 
> IPs/services, but 
> not by users (I believe you only want restrict machines).
> 
> 
> Also, other method is server use one IP, but using wrappers 
> hosts.allow, 
> hosts.deny by services and IP ranges. This method permits 
> specify user 
> rules (in theory):
> 
>    sshd: user machine com  <--- Applies to the specific user on the 
> given computer.
>    sshd: ALL EXCEPT user machine com  <--- in hosts.deny, deny all 
> except specific user from specific machine.
> 
> Good luck!
> 
> 
> Richard Hobbs escribió:
> 
> >Hello,
> >
> >Thanks for your response, but I don't quite understand it...
> >
> >What do you mean by "Separe services by IPs"?
> >
> >And how can I restrict logins per IP? Will this allow me to 
> restrict certain
> >users from any IP, but to allow other users from any IP?
> >
> >Thanks again,
> >Richard.
> >
> >  
> >
> 
> 
> -- 
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request redhat com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
> 
> _____________________________________________________________________
> This e-mail has been scanned for viruses by MCI's Internet 
> Managed Scanning Services - powered by MessageLabs. For 
> further information visit http://www.mci.com
> 
> 



_____________________________________________________________________
This e-mail has been scanned for viruses by MCI's Internet Managed Scanning Services - powered by MessageLabs. For further information visit http://www.mci.com



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]