General discussion

Locked

Restrict Telnet users

By dennisbv ·
I administer a RS6000 box with AIX 4.3 most of my users login through thier Com ports or Terminal connected to a Ran box. Basicly they are connected to a port by thier cable conected to thier com port. I have some users that Telnet in through the Ethernet network. On all the PC's we are using a terminal emulator, the only difference is that some go over the Ethernet instaed of the cable conected to thier com port. I can disable the ports for the users that direct connect but I need to know How I can disable the Telnet users. When I do maintenace on the server and I disable to tty ports the Telnet users can still log in.

This conversation is currently closed to new comments.

15 total posts (Page 1 of 2)   01 | 02   Next
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Restrict Telnet users

by mshavrov In reply to Restrict Telnet users

If you just need to prevent some users from Telneting to UNIX box, why not to disable these accounts on the server? Generaly what you may do in any kind of UNIX, just edit /etc/passwd (or /etc/shadow) file and enter any "extra" character to passwordfield for user, you want to disable (for example, "*" or "~"). This will change password hash and user will be unable to login. Then, when you will need to re-enable this user, just remove this "extra" character from the password field and user willhave same password he had before.

In some UNIX systems you may configure "time based" restrictions for user accounts or "enable/disable" users accounts from GUI interface, but the method, described above works on all UNIX systems.

Good luck.

Collapse -

Restrict Telnet users

by dennisbv In reply to Restrict Telnet users

Poster rated this answer

Collapse -

Restrict Telnet users

by dennisbv In reply to Restrict Telnet users

The first answer may work but with a bunch of users that will create a lot of extra work. Is there away to automate the 1st answer or is there an automated way to disable telent?

Collapse -

Restrict Telnet users

by kshcsuf In reply to Restrict Telnet users

Most BSD and System V variants support a file called /etc/nologin that you can touch to prevent interactive access during maintenance periods.

Any text you place in the /etc/nologin file will be displayed to users when they attempt to login. So,a nice sample message like "Rebuilding database indexes... try again later." or "Repairing disks... back up in 10 minutes." would be helpful.

When you are done with your maintenance, you can simply remove this file:

# rm /etc/nologin

Collapse -

Restrict Telnet users

by dennisbv In reply to Restrict Telnet users

Poster rated this answer

Collapse -

Restrict Telnet users

by cavedweller In reply to Restrict Telnet users

To stop the telnet daemon, comment it out in the /etc/inetd.conf file and then restart inetd. You might also want to turn off some other services like ftp.

Collapse -

Restrict Telnet users

by dennisbv In reply to Restrict Telnet users

Poster rated this answer

Collapse -

Restrict Telnet users

by dennisbv In reply to Restrict Telnet users

I am increasing the points on this question as the questions that have been submitted are correct but I have an additional part. How can I stop some users from telneting while allowing other users to telnet in?

Collapse -

Restrict Telnet users

by dennisbv In reply to Restrict Telnet users

Point value changed by question poster.

Collapse -

Restrict Telnet users

by NickMkhn In reply to Restrict Telnet users

OK, with that bunch of users, is it possible for you to organize those users in one (primary?) group?
And restrict temporarely to telnet for the whole group, by similar way as it is described in Answer1?

Back to Linux Forum
15 total posts (Page 1 of 2)   01 | 02   Next

Related Discussions

Related Forums