If you are using sshd on that box, you could configure /etc/ssh/sshd_config to
But make sure that you have at least some backdoor to get in like a user that make "sudo su -" or something like that.
using redhat 7.2
Is it possible to not allow root to ssh into the server remotely, but allow the account that ssh'd in to the box to su to root? This way there is the added security of a hacker needing two passwords to hack your computer, a username/password for a regular account and also the... (3 Replies)
Hi all
I'm using an AIX 5 machine.
I'm trying to telnet from this machine to another Aix machine.
When I use the "root" user - Everything works.
I can telnet successfully the other machine
When I use another user but root - I can't telnet the machine:
noah@logist:/home/noah>telnet aixtst... (2 Replies)
All,
I want to run a non-root script as the root user with non-root environment variables with crontab. The non-root user would have environment variables for database access such as Oracle or Sybase. The root user does not have the Oracle or Sybase enviroment variables. I thought you could do... (2 Replies)
OK, let see, i have a Tru64 Unix and need to know how the list of ftp users works and in /etc/ftpusers we have the unauthorized users but when we create a new user i want this users put automatic for deny access .....
where i set when creation of users action put automatic the user in that file?... (1 Reply)
Hi,
I have to forbid root-logins on all my servers, expect from two machines, these 2 machines login with root without a password
it was quite easy with ssh, but I have a problem regarding rsh/rlogin, an there
are a lot of rsh jobs, so it would take a lot of time to change all this... (4 Replies)
I'm attempting to deny a user's ability to login as root through any remote means - ie telnet or ssh. I've read most of the threads that I can find on this site and I've looked at BigAdmin on Sun's site. I have done what has been suggested here and on BigAdmin which is to make sure that the line... (5 Replies)
Hi All
After downloading ZFS documentation from oracle site, I am able to successfully migrate UFS root FS without zones to ZFS root FS. But in case of UFS root file system with zones , I am successfully able to migrate global zone to zfs root file system but zone are still in UFS root file... (2 Replies)
Is there a way to deny access to a specific remote login option.
example:
usera--deny telnet access but keep rsh and rlogin
userb--keeps telnet, rsh, and rlogin
I'm basically trying to contol the access per services instead of changing the LOGIN REMOTELY(rsh,tn,rlogin) option to yes or no. (12 Replies)
Hi team,
I tried to modify the /etc/security/limits.conf file to limit the root user for more one login. I added the line in limits.conf file like:
@root hard maxlogins 1
I also tried to modify /etc/ssh/sshd_config to limit the root userlogin by adding this:
... (10 Replies)
Hi there,
For /etc/hosts.deny was it used to deny access from the internet? (2 Replies)
Discussion started by: alvinoo
2 Replies
LEARN ABOUT CENTOS
ssh-ldap-helper
SSH-LDAP-HELPER(8) BSD System Manager's Manual SSH-LDAP-HELPER(8)NAME
ssh-ldap-helper -- sshd helper program for ldap support
SYNOPSIS
ssh-ldap-helper [-devw] [-f file] [-s user]
DESCRIPTION
ssh-ldap-helper is used by sshd(1) to access keys provided by an LDAP. ssh-ldap-helper is disabled by default and can only be enabled in the
sshd configuration file /etc/ssh/sshd_config by setting AuthorizedKeysCommand to ``/usr/libexec/openssh/ssh-ldap-wrapper''.
ssh-ldap-helper is not intended to be invoked by the user, but from sshd(8) via ssh-ldap-wrapper.
The options are as follows:
-d Set the debug mode; ssh-ldap-helper prints all logs to stderr instead of syslog.
-e Implies -w; ssh-ldap-helper halts if it encounters an unknown item in the ldap.conf file.
-f ssh-ldap-helper uses this file as the ldap configuration file instead of /etc/ssh/ldap.conf (default).
-s ssh-ldap-helper prints out the user's keys to stdout and exits.
-v Implies -d; increases verbosity.
-w ssh-ldap-helper writes warnings about unknown items in the ldap.conf configuration file.
SEE ALSO sshd(8), sshd_config(5), ssh-ldap.conf(5),
HISTORY
ssh-ldap-helper first appeared in OpenSSH 5.5 + PKA-LDAP .
AUTHORS
Jan F. Chadima <jchadima@redhat.com>
BSD April 29, 2010 BSD