Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: One accout for FTP other to TELNET
Special Forums Cybersecurity One accout for FTP other to TELNET Post 26019 by omran on Friday 9th of August 2002 10:40:35 AM
Old 08-09-2002
Hi again,
If I want to make that account that can be used for ftp only (while can not be used for telnet) bew accessable from other user (i.e., su and su - ) work. How can I do that?
Thank you in advance
Best Regards
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Automation of telnet and ftp

I have a basic query. I use telnet and ftp very frequently. I want to do it without spending time in typing username and password everytime. I know that if I have .netrc file which contains server address, username, pasword, then just typing ftp will conect to that server with that username and... (10 Replies)
Discussion started by: asutoshch
10 Replies

2. IP Networking

FTP or Telnet

Dumb question I'm sure but how on earth do I transfer files from a sco unix machine to my windows 2000 machine. I'm typing commands on my Win2000 machine. All I can seem to do is move files around on the unix system? (8 Replies)
Discussion started by: Timbash
8 Replies

3. UNIX for Dummies Questions & Answers

Telnet FTP scripting

Hi quick question from a unix newbie Working on a project to get me using unix, the point of this project is to find a printer on the network check for jobs in the printer if the printer has no jobs do nothing if the printer has jobs then check the status for errors and e-mail the user. This... (2 Replies)
Discussion started by: w33man
2 Replies

4. Linux

ftp telnet enable

hi , i have jsut installed linux 9.0 , but i can not ftp or telnet to the system . i have installed the ftp and the telnet server during installation . i have also configured the files to enable the ftp and telnet , the ftp and the telnet daemons are running , but when i do ftp : ftp... (1 Reply)
Discussion started by: ppass
1 Replies

5. Shell Programming and Scripting

Automating telnet and ftp

Hi, I want to automate FTP. I have a fair idea that this can be done using expect scripting. But I dont how to do it. Please, can anyone give me an example of how to do it in Unix. Thanks in advance (2 Replies)
Discussion started by: sendhilmani123
2 Replies

6. UNIX for Dummies Questions & Answers

Ftp, telnet etc. not operational?

Well I have the programs and everything and the program itself seems to work, but they don't seem to be operateble. I ALWAYS get connection refused on everything. ftp, telnet, rlogin, ssh etc. So it must have something to do with some setting that doesn't allow connections to external hosts or... (6 Replies)
Discussion started by: riwa
6 Replies

7. UNIX for Advanced & Expert Users

diable telnet & ftp

Hi All, I need to stop all the services for telnet & FTP as we want our server to be more secure. Please give me some steps for jumping to SSH protocol. How can i disable telnet & ftp service on my server. (1 Reply)
Discussion started by: pradeep_desh
1 Replies

8. Shell Programming and Scripting

how to connect to admin accout through script

hi everyone i'm running script in c-shell and i want this script to connect to admin account in order to run other script in k-shell. after that i want the script to be severed from the admin account and to continue with the regular commands example: my script call cs-customers echo"starting... (16 Replies)
Discussion started by: naamas03
16 Replies

9. Solaris

accout

I have a sunfire V240 but nobody seems to know the root password. I can get into ALOM but not console mode. Is there a hack or something that cn get me back into this system lo reload it? (5 Replies)
Discussion started by: dewsdwarfs
5 Replies

10. UNIX for Dummies Questions & Answers

last 90 days of ftp and telnet

Aix6.1 last | grep ftp shows me only 3 days. last does not show me telnet login or the same as ftp. i'd like to get the last 90 days of users who telnet or ftp to the box. thanks in advance. (3 Replies)
Discussion started by: lawsongeek
3 Replies

LEARN ABOUT PLAN9

krb5_auth_rules

krb5_auth_rules(5)					Standards, Environments, and Macros					krb5_auth_rules(5)

NAME

       krb5_auth_rules - Overview of Kerberos V5 authorization

DESCRIPTION

       When  a	user  uses  kerberized	versions of the ftp, rdist, rcp, rlogin, rsh, or telnet clients to connect to a server, even if the user's
       claimed Kerberos V5 identity is authenticated, the user is not necessarily authorized. Authentication merely proves that the user  is  "who
       he says he is" to the Kerberos V5 authentication system. Authorization also needs to be done, since it determines if that Kerberos identity
       is permitted to access the Solaris user account that the client wants to access.

       Each user may have a private authorization list in a file ~/.k5login in his login directory (on the server). Each line in this file  should
       contain	a  Kerberos  principal name of the form principal/instance@realm. If the server finds a ~/.k5login file, then access is granted to
       the account if and only if the originating user is authenticated to one of the principals named in the ~/.k5login file.

       If there is no ~/.k5login file, the originating user will then be checked against the gsscred table (see gsscred(1M)).  If the  originating
       user's  Kerberos  V5  identity  is  in  the gsscred table, and if the UNIX user id in the gsscred table corresponds to the user account the
       client is trying access, then the originating user is granted access to the account on the server. If the UNIX user id does not match, then
       the originating user is denied access.

       For  example, suppose the originating user has a principal name of jdb@ENG.ACME.COM and the target account is jdb-user. If jdb@ENG.ACME.COM
       appears in the gsscred table with uid 23154 and if jdb-user appears in the user account database  (see  passwd(4))  with  uid  23154,  then
       access to account jdb-user is granted.  Of course, normally, the target account name in this example would be jdb and not jdb-user.

       Finally,  if there is no ~/.k5login file and if the originating user's Kerberos V5 identity is not in the gsscred table, then the user will
       be granted access to the account if and only if all of the following are true:

	 o  The user part of the authenticated principal name is the same as the target account name specified by the client.

	 o  The realm part of the client and server are the same.

	 o  The target account name exists on the server.

       For example, if the originating user has a principal name of jdb@ENG.ACME.COM and if the server is in realm SALES.ACME.COM,  then  even	if
       jdb  is	a  valid account name on the server, the client would be denied access. This is because the realms SALES.ACME.COM and ENG.ACME.COM
       differ.

FILES

       ~/.k5login      Per user-account authorization file.

       /etc/passwd     System account file. This information may also be in a directory service. See passwd(4).

ATTRIBUTES

       See attributes(5) for a description of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Evolving			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       ftp(1), rcp(1), rdist(1), rlogin(1), rsh(1), telnet(1), gsscred(1M), passwd(4), attributes(5), gss_auth_rules(5)

NOTES

       To avoid security problems, the ~/.k5login file must be owned by the remote user.

SunOS 5.10							    13 Apr 2004 						krb5_auth_rules(5)
All times are GMT -4. The time now is 04:03 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy