12-17-2008
Not sure what your Linux/Unix version is, but you could use a firewall like iptables or ipfilter to restrict access to the sshd server port. Also, some versions of sshd use tcp wrappers, so you could use hosts.deny to define restrictions.
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
I have started a new job for 2 weeks not. I am distributing software packages through Tivoli and connecting to the servers using Putty in X11 and SSH.
But on the command line, the backspace is disabled. I know its a command I have to enter in my .profile but I don't remember. There is a Ctrl+H... (2 Replies)
Discussion started by: Browser_ice
2 Replies
2. Shell Programming and Scripting
I have configured ssh to a remote server without prompting for a password with the help of public keys...but now i am not able to execute any commands through a script
what i want is a one line script which takes me directly into /var directory after executing it...searched the entire forum but... (2 Replies)
Discussion started by: roshanjain2
2 Replies
3. HP-UX
how can I find cpu usage memory usage swap usage and
I want to know CPU usage above X% and contiue Y times and memory usage above X % and contiue Y times
my final destination is monitor process
logical volume usage above X % and number of Logical voluage above
can I not to... (3 Replies)
Discussion started by: alert0919
3 Replies
4. AIX
How to monitor the IBM AIX server for I/O usage, memory usage, CPU usage, network usage, storage usage? (3 Replies)
Discussion started by: laknar
3 Replies
5. Shell Programming and Scripting
Hi,
When i am using SSH, trying to automate some process, it seems as I am loosing environment settings that belongs to proper running of jboss server.
On Server (X) a User (A) is trying to run a jboss server but the location of jboss is on the same server (X) but on different user (B) . The... (1 Reply)
Discussion started by: nimrodt
1 Replies
6. Shell Programming and Scripting
Hi ,
I was going through a script and I saw following commands :--
OPTS="-e /usr/local/bin/ssh -ralpgHSvuz --stats --rsync-path=/usr/local/bin/rsync"
OPTS="-e /usr/local/bin/ssh -vrlopgt --stats --rsync-path=/usr/local/bin/rsync"
Can someone please explain the meaning of words... (4 Replies)
Discussion started by: Abhayman
4 Replies
7. AIX
I want to know if there is any way to set up a users home directory access with a restricted shell and allow them to SFTP to the directory. I want to allow the user to SSH into their home directory but no where else on the AIX server. I also want the user to be able to SFTP files to their home... (1 Reply)
Discussion started by: daveisme
1 Replies
8. Shell Programming and Scripting
I need help on how to connect remote systems through ssh command in while loop of shell script. I was able to connect one remote system using ssh from shell script. Please find sample code snippet as given below…..
ssh "root@148.147.179.100" ARG1=$rpmFileName 'bash -s' <<'ENDSSH'
... (5 Replies)
Discussion started by: rajesh.tulluri
5 Replies
9. UNIX for Dummies Questions & Answers
This is a quote from the Apple security configuration (you can download it from Apple)
" Using ACLs to Restrict Usage of Setuid Programs
The ACL feature of Mac OS X can also be used to restrict the execution of setuid
programs. Restricting the execution of setuid programs to administrators... (3 Replies)
Discussion started by: Vera
3 Replies
10. Red Hat
Hello everyone.. I need some help in understanding the usage of tcp46 socket and xinetd.d flags..
What I'm trying to do?
I'm looking to use tenet via tcp46 socket for both ipv4 and ipv6 traffic. For this, if i set flags = IPV6 xinetd.d, telnet service, i can not telnet via V4. If I unset the... (0 Replies)
Discussion started by: Sudharshan
0 Replies
LEARN ABOUT SUNOS
network.conf
NETSCRIPT-2.2.conf(5) File Formats Manual NETSCRIPT-2.2.conf(5)
NAME
/etc/netscript/network.conf - interface, firewalling, and QoS configuration file.
/etc/netscript/if.conf - interface setup shell script file
/etc/netscript/qos.conf - QoS setup shell script file
/etc/netscript/ipfilter.conf - IP chains filtering shell script file
/etc/netscript/srvfilter.conf - server IP filter shell script file
DESCRIPTION
This manpage is a place holder until something better is written when the netscript itself has stopped changing rapidly.
Please see the README file in the /etc/netscript directory, and READ the configuration files if you need to change them. Apart from net-
work.conf, all of them contain sh (1) shell script functions which are there so that various things can be altered or hooked in at the
right place. Network.conf contains the full network setup details, including special interface setup for the likes of ciped/pppd/wanconfig,
and is fully commented with examples given.
UPGRADE PATH FROM KERNEL 2.2.X
The firewall/IP filtering stuff in ipfilter.conf is the part that changed radically with the move to iptables and a far better way of set-
ting up the IP filtering rules, however the QoS and interface startup/shutdown in if.conf have changed but are backwards compatible with
the old 2.2.x ipchains version of netscript for the interface address configuration settings. You will have to set up the filtering again
to use iptables by directly using the iptables commands.
Also, the kernel 2.2.x version scripts are set up so that iptables is only run on a 2.4.x kernel, otherwise IP forwarding is disabled if
beforehand you set IPFWDING_KERNEL to FILTER_ON in network.conf.
This means that when you upgrade a box to a 2.4.x router kernel, you should then be able to reboot it and log into remotely and upgrade
netscript to the version that will support 2.4.x. In this situation, if you have set old IPFWDING_KERNEL setting to FILTER_ON beforehand
in network.conf, all IP forwarding through the box will also be disabled. This means that you can safely remotely upgrade a firewall.
SEE ALSO
netscript(8), ipchains(8), iproute(8), brcfg(8).
AUTHOR
This manual page was written by Matthew Grant <grantma@anathoth.gen.nz>, for the Debian GNU/Linux system (but may be used by others).
BUGS
The author is lazy. He needs to write btter man pages...
November 23, 2000 NETSCRIPT-2.2.conf(5)