11-16-2009
Access to particular IP's from the solaris/LINUX server
Hi All,
I have a scenario here where in I need to allow a user from the server(Solaris or LINUX) to be able to ssh to a particular set of IP's.
Eg:user1 should be able to access IP's 10.26.32.2,10.26.32.7,10.26.32.9
user2 should be able to access IP's 10.1.1.2,10.1.1.4(just an example)
So I need to create the users such that they are able to access only these IP's.If they try to ssh to any other IP's they should not be able to do so.
Please let me know if we can do so and if yes how to do the same.
Thanks in Advance...
Last edited by pk123; 11-16-2009 at 06:20 AM..
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi
I need to access files from a specific folder of a Linux system from an another Linux System Remotely.
I know how to, Export a folder on One SCO System & can access the same by using Import via., NFS in the Sco Unix SVR4 System using the scoadmin utility.
Also, I know to use mount -t ... (2 Replies)
Discussion started by: S.Vishwanath
2 Replies
2. UNIX for Dummies Questions & Answers
Hi all,
I Installed Tomcat in an remote linux server (/usr/tomcat)and start service, using ./startup.sh (and tried with ./catalina.sh too).
//----------------------------------------------------------------//
# ./startup.sh
Using CATALINA_BASE: /usr/tomcat/apache-tomcat-6.0.16/
Using... (1 Reply)
Discussion started by: gothama
1 Replies
3. UNIX for Dummies Questions & Answers
I am new to UNIX administration. I have 10 years of Windows admin experience. I need to know how to give java developers the access they need to install and maintain the applications they are writing. In the Windows world I would make them a local admin on a test server but give them limited... (4 Replies)
Discussion started by: gsander
4 Replies
4. Emergency UNIX and Linux Support
Hi,
we have a big problem,
history:
we migrated our companies ftp and sftp-server, which were vsftp and openssh, to one server, software is called JSCAPE ftp server professional edition
for the first time everything was great, but after one or two months, our uploads hang, 0 byte files are... (11 Replies)
Discussion started by: funksen
11 Replies
5. IP Networking
hi i have linux server connected to internet through a switch/router. i have opened a port on the router and i am able to connect to the server if iptables is off. but when it is on i cant.
i want to create a rule in iptables so that it accepts packets coming from a particular datacard. it... (7 Replies)
Discussion started by: u.n.i.x
7 Replies
6. Solaris
Hi,
I am trying to access a NFS shared directory on Solaris 10 Server from a client which is RHEL 4 Server.
On the NFS Server, in /etc/dfs/, I added following line to dfstab file.
& then ran the following
On the client machine, while running the mount command, I am... (0 Replies)
Discussion started by: SunilB2011
0 Replies
7. Red Hat
Hi,
I am trying to access a NFS shared directory on Solaris 10 Server from a client which is RHEL 4 Server.
On the NFS Server, in /etc/dfs/, I added following line to dfstab file.
share -F nfs -o rw /var/share
& then ran the following
svcadm -v enable -r... (3 Replies)
Discussion started by: SunilB2011
3 Replies
8. Red Hat
I can access the linux server in my company from my desktop windows explorer. I guess samba is working.
Please see the images.
http://imageshack.us/a/img854/7106/9yvl.png
I have a few questions.
I don't have the linux account and I have never accessed it from shell. Is my windows login... (1 Reply)
Discussion started by: zhshqzyc
1 Replies
9. Solaris
What I am trying to do is install Remedy on a Solaris machine. However to install Remedy on Solaris, the server has to be able to connect to the oracle database on the Linux server? How can I accomplish this? (8 Replies)
Discussion started by: newborndba
8 Replies
10. Proxy Server
Dear all experts here,
:)
I would like to install a proxy server on Linux server to perform solely to control the access of Web server.
In this case, some of my vendor asked me to try Squid and I have installed it onto my Linux server.
I would like know how can I set the configuration to... (1 Reply)
Discussion started by: kwliew999
1 Replies
LEARN ABOUT BSD
ssh-keysign
ssh-keysign(1M) ssh-keysign(1M)
NAME
ssh-keysign - ssh helper program for host-based authentication
SYNOPSIS
ssh-keysign
ssh-keysign is used by ssh(1) to access the local host keys and generate the digital signature required during host-based authentication
with SSH protocol version 2. This signature is of data that includes, among other items, the name of the client host and the name of the
client user.
ssh-keysign is disabled by default and can be enabled only in the global client configuration file /etc/ssh/ssh_config by setting Host-
basedAuthentication to yes.
ssh-keysign is not intended to be invoked by the user, but from ssh. See ssh(1) and sshd(1M) for more information about host-based authen-
tication.
/etc/ssh/ssh_config
Controls whether ssh-keysign is enabled.
/etc/ssh/ssh_host_dsa_key
/etc/ssh/ssh_host_rsa_key
These files contain the private parts of the host keys used to generate the digital signature. They should be owned by root, readable
only by root, and not accessible to others. Because they are readable only by root, ssh-keysign must be set-uid root if host-based
authentication is used.
ssh-keysign will not sign host-based authentication data under the following conditions:
o If the HostbasedAuthentication client configuration parameter is not set to yes in /etc/ssh/ssh_config. This setting cannot be overri-
den in users' ~/.ssh/ssh_config files.
o If the client hostname and username in /etc/ssh/ssh_config do not match the canonical hostname of the client where ssh-keysign is
invoked and the name of the user invoking ssh-keysign.
In spite of ssh-keysign's restrictions on the contents of the host-based authentication data, there remains the ability of users to use it
as an avenue for obtaining the client's private host keys. For this reason host-based authentication is turned off by default.
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWsshu |
+-----------------------------+-----------------------------+
|Interface Stability |Evolving |
+-----------------------------+-----------------------------+
ssh(1), sshd(1M), ssh_config(4), attributes(5)
AUTHORS
Markus Friedl, markus@openbsd.org
HISTORY
ssh-keysign first appeared in Ox 3.2.
9 Jun 2004 ssh-keysign(1M)