Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Force user to use ssh/prevent telnet access
Top Forums UNIX for Dummies Questions & Answers Force user to use ssh/prevent telnet access Post 302355071 by Corona688 on Monday 21st of September 2009 11:07:47 AM
Old 09-21-2009
Quote:
Originally Posted by peragin
Thanks Zaxxon
Unfortunately I can't force that decision. Is it not possible what I am trying to do?

Regards
If you can't force that decision, it seems odd you'd be allowed to force the exact same one just by using completely different means...
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

User Access Problem: Via Telnet or even Console

Just took over a UNIX Server from someone who left our company. Having problems with access by some existing users as well as new users. I get the following message from telnet sessions, when attempting access at the "Login:" prompt: "UX:in.login:ERRO: Login incorrect" "telnetd:Unable to... (2 Replies)
Discussion started by: Vincent Garcia
2 Replies

2. Cybersecurity

SSH - prevent roaming around the server

Hi, We have a user who needs to connect to us over the internet using an ssh client. We use HP-UX 11.00. We set up a home directory with login and password for them. We would not want to give them full roaming access for the server ie, they should not be able to cd up the directory tree. ... (2 Replies)
Discussion started by: Bab00shka
2 Replies

3. Shell Programming and Scripting

prevent ssh from executing result in shell

Hi, I am writing a script on Solaris 10 and want to execute a remote ssh command. Normally this command should just return the value 0000000000002356 but when using ssh it seems it is passing the result to the shell to execute. ssh root@10.5.112.145 `/usr/bin/nawk -F\, '$1=="USG" && $2=="01"... (3 Replies)
Discussion started by: borderblaster
3 Replies

4. UNIX for Advanced & Expert Users

Parallel access - how to prevent

I have one shell script which is being accessed by many jobs at same time. I want to make the script such that , other job should wait for the script if script is being used by some other job. Is there any way to implement it in script level ? Gops (1 Reply)
Discussion started by: Gopal_Engg
1 Replies

5. Shell Programming and Scripting

ssh key based authentication - force

Hi Team, we have problem with sftp. Though SA team has setup the keys between 2 server, sftp still prompts for the password. After many attempt to rectify the problem, SA has asked us force the SSH key based authentication by using following command. sftp2 --indetity="folder/private_key"... (6 Replies)
Discussion started by: ace_friends22
6 Replies

6. AIX

Disabling SSH direct access for an AIX user

Hello everyone, Can anyone help me please. I want to disable SSH direct access for an AIX user. For example, if I have USER1 and USER2. I want to disactivate direct access for USER2. The user must enter his login (USER1) and his password and then he can do su - USER2 . Thanks, (3 Replies)
Discussion started by: adilyos
3 Replies

7. Red Hat

Force ssl/ssh to use the hosts file

does anyone know how to force ssh/ssl to use the hosts file instead of DNS? I have disabled the DNS servers but ssh still will not resolve a host in the hosts file. thanks in advance for the help! DS (3 Replies)
Discussion started by: derrell simpson
3 Replies

8. Shell Programming and Scripting

Expect script that simulates a SSH brute force attack

I want to test the effectiveness of sshguard on some of my systems so I'm trying to write a script that simulates a brute force attack by sending a bunch of different username and password combinations to the servers being tested. So far I have this: #!/usr/local/bin/expect set timeout 3... (5 Replies)
Discussion started by: ph0enix
5 Replies

9. IP Networking

Force SSH session without/disabling X11 forwarding.

I would like to disable X11 session forcefully. I have tried the following things: 1. Setting appropriate DISPLAY variable in the /etc/environment file to be "0.0" 2. I have tried setting the sshd_config parameter X11Forwarding to be "no" This session communication is happening by exchanging... (2 Replies)
Discussion started by: vaibhavvsk
2 Replies

10. UNIX for Advanced & Expert Users

Prevent user from creating new user from his login

Hi Experts, Need your support Redhat 6.5 I want to create a user with all(read, write, execute) privileges except that user should not be able to create any new user from his login to perform any task. (10 Replies)
Discussion started by: as7951
10 Replies

LEARN ABOUT BSD

ssh-keysign

ssh-keysign(1M) 														   ssh-keysign(1M)

NAME

       ssh-keysign - ssh helper program for host-based authentication

SYNOPSIS

       ssh-keysign

       ssh-keysign  is	used  by ssh(1) to access the local host keys and generate the digital signature required during host-based authentication
       with SSH protocol version 2. This signature is of data that includes, among other items, the name of the client host and the  name  of  the
       client user.

       ssh-keysign  is	disabled  by  default and can be enabled only in the global client configuration file /etc/ssh/ssh_config by setting Host-
       basedAuthentication to yes.

       ssh-keysign is not intended to be invoked by the user, but from ssh. See ssh(1) and sshd(1M) for more information about host-based  authen-
       tication.

       /etc/ssh/ssh_config

	   Controls whether ssh-keysign is enabled.

       /etc/ssh/ssh_host_dsa_key
       /etc/ssh/ssh_host_rsa_key

	   These  files  contain the private parts of the host keys used to generate the digital signature. They should be owned by root, readable
	   only by root, and not accessible to others. Because they are readable only by root, ssh-keysign must  be  set-uid  root  if	host-based
	   authentication is used.

       ssh-keysign will not sign host-based authentication data under the following conditions:

	 o  If the HostbasedAuthentication client configuration parameter is not set to yes in /etc/ssh/ssh_config. This setting cannot be overri-
	    den in users' ~/.ssh/ssh_config files.

	 o  If the client hostname and username in /etc/ssh/ssh_config do not match the canonical hostname of  the  client  where  ssh-keysign	is
	    invoked and the name of the user invoking ssh-keysign.

       In  spite of ssh-keysign's restrictions on the contents of the host-based authentication data, there remains the ability of users to use it
       as an avenue for obtaining the client's private host keys. For this reason host-based authentication is turned off by default.

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWsshu			   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Evolving			   |
       +-----------------------------+-----------------------------+

       ssh(1), sshd(1M), ssh_config(4), attributes(5)

AUTHORS

       Markus Friedl, markus@openbsd.org

HISTORY

       ssh-keysign first appeared in Ox 3.2.

								    9 Jun 2004							   ssh-keysign(1M)
All times are GMT -4. The time now is 07:17 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy