Login restrictions in NIS environment

Richard Hobbs richard.hobbs at crl.toshiba.co.uk
Wed Jun 8 10:57:58 UTC 2005 

Hello,

Banning particular IP addresses is useless to us... We need to ban
particular users.

For example, if we ban fred's machine, fred can still log in from a
different machine. We need to ban fred from every machine, but he still
needs to be able to log into other machines on the network.

Thanks again,
Richard.

-- 
Richard Hobbs (Systems Administrator)
Toshiba Research Europe Ltd. - Speech Technology Group
Web: http://www.toshiba-europe.com/research/
Email: richard.hobbs at crl.toshiba.co.uk
Tel: +44 1223 376964        Mobile: +44 7811 803377 

> -----Original Message-----
> From: redhat-list-bounces at redhat.com 
> [mailto:redhat-list-bounces at redhat.com] On Behalf Of Cecilio Marín
> Sent: 08 June 2005 11:13
> To: General Red Hat Linux discussion list
> Subject: Re: Login restrictions in NIS environment
> 
> Hi,
> 
> I thought asigns each service an IP (logically, a machine 
> with multiple 
> IPs), and then making use of a firewall (as iptables), restricting 
> services use by rules. This only restrict by machines 
> IPs/services, but 
> not by users (I believe you only want restrict machines).
> 
> 
> Also, other method is server use one IP, but using wrappers 
> hosts.allow, 
> hosts.deny by services and IP ranges. This method permits 
> specify user 
> rules (in theory):
> 
>    sshd: user at machine.com  <--- Applies to the specific user on the 
> given computer.
>    sshd: ALL EXCEPT user at machine.com  <--- in hosts.deny, deny all 
> except specific user from specific machine.
> 
> Good luck!
> 
> 
> Richard Hobbs escribió:
> 
> >Hello,
> >
> >Thanks for your response, but I don't quite understand it...
> >
> >What do you mean by "Separe services by IPs"?
> >
> >And how can I restrict logins per IP? Will this allow me to 
> restrict certain
> >users from any IP, but to allow other users from any IP?
> >
> >Thanks again,
> >Richard.
> >
> >  
> >
> 
> 
> -- 
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
> 
> _____________________________________________________________________
> This e-mail has been scanned for viruses by MCI's Internet 
> Managed Scanning Services - powered by MessageLabs. For 
> further information visit http://www.mci.com
> 
> 



_____________________________________________________________________
This e-mail has been scanned for viruses by MCI's Internet Managed Scanning Services - powered by MessageLabs. For further information visit http://www.mci.com

More information about the redhat-list mailing list