02-25-2008
restricting access to a server
We want to secure access to a server by restricting the number of users who can login to it. Our users are NIS users. Only few of them can telnet/ssh this server.
Do you have any idea on how to implement that?
thanks.
10 More Discussions You Might Find Interesting
1. Cybersecurity
restricted access...
Hi
I need to restrict users shell access to only $HOME under /home for each user. I don't want them getting out of their own directories. From what I understand chroot is something I could use, but I want to avoid this since it involves creating symbolic links to a number... (9 Replies)
Discussion started by: alwayslearningunix
9 Replies
2. UNIX for Dummies Questions & Answers
I need to create a user that only has access to 1 directory (e.g. /vol/mita/test). The user needs to be able to rsh into that directory to run a script. The user should not be able to navigate to any other directories above /vol/mita/test. Any help would be appreciated! (4 Replies)
Discussion started by: ngagne
4 Replies
3. Solaris
Hi All,
I'm on Solaris 8, I need to provide Read-only access to a user to 2 directories only.
Using rsh (restricted shell) as the user's login shell, I can restrict the user's access to a certain directory only, but how can I set in such a way that the user can access only the 2 directories... (4 Replies)
Discussion started by: max_min
4 Replies
4. UNIX for Advanced & Expert Users
I'm the admin in a shop in which my developers have and use the root account, all UNIX newbies.
I've been unable to convince management myself that this is an unacceptable practice.
I've looked in a couple books I have and can't find any chapters, discussions, etc that make the argument that... (2 Replies)
Discussion started by: keith.m
2 Replies
5. UNIX for Dummies Questions & Answers
Hi all,
I have user called "Z". The home directory is /home/Z. I have another directory /home/Z/OP. Within /home/Z/OP, i have 2 directories
/home/Z/OP/OP1 and /home/Z/OP2.
I want to restrict access for Z to only access
/home/Z/OP and
/home/Z/OP1 and
/home/Z/OP2.
What kind of... (4 Replies)
Discussion started by: new2ss
4 Replies
6. UNIX for Advanced & Expert Users
Hi All,
I am facing a problem, regarding code security on a server.
We have configured a server which contains our code (ear present in jboss/server/xyz/deploy) in it, and need to bind the code to the server itself so that no one can take the code out of the. the problem is that the password of... (3 Replies)
Discussion started by: akshay61286
3 Replies
7. Solaris
Dear All,
I have created a user called "x" who is allowed only to FTP and it is working fine. Here my problem is, I want to give access to a particular directory say for eg:- /dump/test directory. I don't find any option in the useradd command to restrict access to this particular directory only... (1 Reply)
Discussion started by: Vijayakumarpc
1 Replies
8. Solaris
Hi all.
I've had a quick look around but cant see anything exactly matching my requirements.
I have a new T2000 running S10. Im looking to restrict the no. cores that a S10 non-global zone can use to 1 only. The box is single CPU but 8core.
I want to do this to save on some software... (4 Replies)
Discussion started by: boneyard
4 Replies
9. UNIX for Dummies Questions & Answers
Hello,
I am using MySecureShell to chroot all sftp accesses. The problem that I have is that my boss does not want root to be able to use sftp. Root should still be able to ssh. Any ideas? (2 Replies)
Discussion started by: mojoman
2 Replies
10. Linux
Hi all,
I have a web site that I'm serving on an Apache server, and it has a number of different folders, but I only want the user to be able to access certain ones -- the majority of them I don't want the user to access. I tried modifying my /etc/apache2/conf.d/security file to do this, but I... (1 Reply)
Discussion started by: Zel2008
1 Replies
LEARN ABOUT SUNOS
wnnaccess
wnnaccess(1M) System Administration Commands wnnaccess(1M)
NAME
wnnaccess - Access control over Wnn6 Kana-Kanji conversion server/dictionary lookup server
SYNOPSIS
/usr/sbin/wnnaccess [-D jserver_name] [-ds wnnds_name] [-L LANG_name] [ -| +
[hostname | username] ]
DESCRIPTION
wnnaccess adds or deletes hosts and users, obtains the current access control information, enables or disables access control for access
permission retained by the Wnn6 Kana-Kanji conversion server/dictionary lookup server.
OPTIONS
The following options are available.
-D jserver_name Specifies the Wnn6 Kana-Kanji conversion server (jserver) to work on. If this option is omitted, wnnaccess refers to the
serverdefs file and determines the Kana-Kanji conversion server to work on.
The Kana-Kanji conversion server must be specified in the following format.
hostname Kana-Kanji conversion server that uses the well-known port number(22273) on host hostname
hostname:no Kana-Kanji conversion server that uses port number of " the well-known port number plus no" on host host-
name
hostname/port_noKana-Kanji conversion server that uses port_no as port number on host hostname
-ds wnnds_name Specifies the Wnn6 dictionary lookup server (wnnds) to work on.
The dictionary lookup server must be specified in the following format.
hostname Dictionary lookup server that uses the well-known port number(26208) on host hostname
hostname:no Dictionary lookup server that uses port number of "the well-known port number plus no" on host hostname
hostname/port_noDictionary lookup server that uses port_no as port number on host hostname
-L LANG_name Specifies the language. The language is used to refer to the serverdefs file and determine the server to connect. Specify
ja for the Solaris releases (Japanese version).
If no options are specified, wnnaccess writes the current access control information. The first line shows the current status of access
control enabled or disabled. The second and following lines show hosts and users that are given access rights as in any of the following
formats:
host-name All users can access from this host.
host-name: No users can access from this host.
host-name:user-name,user-name,..Only users shown in the list can access from this host.
@user-name This user can access from any host.
Specifying - option only enables access control. Specifying + option only disables access control. If access control is disabled, no
restriction is imposed on connection to the server.
If + option and hostname| username are specified, the host or user will be added to the access control. If - option and hostname| username
are specified, the host or user will be deleted from the access control. The format of hostname| username is the same as in displaying the
current access control information. If neither - nor + option is specified, the behavior will be the same as in specifying + option.
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
|Availability |SUNWjwnsu |
+-----------------------------+-----------------------------+
SEE ALSO
jserver(1M), wnnds(1M), wnnhosts(4), wnn_serverdefs(4)
SunOS 5.10 10 Jan 2003 wnnaccess(1M)