Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Access to particular IP's from the solaris/LINUX server
Top Forums UNIX for Advanced & Expert Users Access to particular IP's from the solaris/LINUX server Post 302371728 by jim mcnamara on Monday 16th of November 2009 05:54:21 AM
Old 11-16-2009
One way, I guess:

Create a group in /etc/group on each remote node - icanssh as an example
Assign those users who are allowed to ssh into the machine to that group only on that machine.

Then in /etc/ssh/sshd_config add a line:
Code:
AllowGroups root icanssh


It is just easier and safer to deny all access for those users to a given node - disable their account. Or remove shell access
by defining the shell as /bin/false

As a general, deny all access, then grant access just to those who need it - is a far safer strategy
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Need help to access/mount so to access folder/files on a Remote System using Linux OS

Hi I need to access files from a specific folder of a Linux system from an another Linux System Remotely. I know how to, Export a folder on One SCO System & can access the same by using Import via., NFS in the Sco Unix SVR4 System using the scoadmin utility. Also, I know to use mount -t ... (2 Replies)
Discussion started by: S.Vishwanath
2 Replies

2. UNIX for Dummies Questions & Answers

TomCat access in an Remote Linux Server

Hi all, I Installed Tomcat in an remote linux server (/usr/tomcat)and start service, using ./startup.sh (and tried with ./catalina.sh too). //----------------------------------------------------------------// # ./startup.sh Using CATALINA_BASE: /usr/tomcat/apache-tomcat-6.0.16/ Using... (1 Reply)
Discussion started by: gothama
1 Replies

3. UNIX for Dummies Questions & Answers

How do I give Java developers access to Solaris server

I am new to UNIX administration. I have 10 years of Windows admin experience. I need to know how to give java developers the access they need to install and maintain the applications they are writing. In the Windows world I would make them a local admin on a test server but give them limited... (4 Replies)
Discussion started by: gsander
4 Replies

4. Emergency UNIX and Linux Support

solaris or linux sftp/ftp-server

Hi, we have a big problem, history: we migrated our companies ftp and sftp-server, which were vsftp and openssh, to one server, software is called JSCAPE ftp server professional edition for the first time everything was great, but after one or two months, our uploads hang, 0 byte files are... (11 Replies)
Discussion started by: funksen
11 Replies

5. IP Networking

Can not access Linux server over the Internet

hi i have linux server connected to internet through a switch/router. i have opened a port on the router and i am able to connect to the server if iptables is off. but when it is on i cant. i want to create a rule in iptables so that it accepts packets coming from a particular datacard. it... (7 Replies)
Discussion started by: u.n.i.x
7 Replies

6. Solaris

Can't access NFS Share on Solaris Server from a Linux Client

Hi, I am trying to access a NFS shared directory on Solaris 10 Server from a client which is RHEL 4 Server. On the NFS Server, in /etc/dfs/, I added following line to dfstab file. & then ran the following On the client machine, while running the mount command, I am... (0 Replies)
Discussion started by: SunilB2011
0 Replies

7. Red Hat

Unable to access NFS share on Solaris Server from Linux client

Hi, I am trying to access a NFS shared directory on Solaris 10 Server from a client which is RHEL 4 Server. On the NFS Server, in /etc/dfs/, I added following line to dfstab file. share -F nfs -o rw /var/share & then ran the following svcadm -v enable -r... (3 Replies)
Discussion started by: SunilB2011
3 Replies

8. Red Hat

Access Linux server from windows

I can access the linux server in my company from my desktop windows explorer. I guess samba is working. Please see the images. http://imageshack.us/a/img854/7106/9yvl.png I have a few questions. I don't have the linux account and I have never accessed it from shell. Is my windows login... (1 Reply)
Discussion started by: zhshqzyc
1 Replies

9. Solaris

How to access Oracle DB on Linux from Solaris?

What I am trying to do is install Remedy on a Solaris machine. However to install Remedy on Solaris, the server has to be able to connect to the oracle database on the Linux server? How can I accomplish this? (8 Replies)
Discussion started by: newborndba
8 Replies

10. Proxy Server

How to use Squid on Linux to control certain IP to access Web Server and certain IP cannot access?

Dear all experts here, :) I would like to install a proxy server on Linux server to perform solely to control the access of Web server. In this case, some of my vendor asked me to try Squid and I have installed it onto my Linux server. I would like know how can I set the configuration to... (1 Reply)
Discussion started by: kwliew999
1 Replies

LEARN ABOUT CENTOS

pam_wheel

PAM_WHEEL(8)							 Linux-PAM Manual						      PAM_WHEEL(8)

NAME

       pam_wheel - Only permit root access to members of group wheel

SYNOPSIS

       pam_wheel.so [debug] [deny] [group=name] [root_only] [trust] [use_uid]

DESCRIPTION

       The pam_wheel PAM module is used to enforce the so-called wheel group. By default it permits root access to the system if the applicant
       user is a member of the wheel group. If no group with this name exist, the module is using the group with the group-ID 0.

OPTIONS

       debug
	   Print debug information.

       deny
	   Reverse the sense of the auth operation: if the user is trying to get UID 0 access and is a member of the wheel group (or the group of
	   the group option), deny access. Conversely, if the user is not in the group, return PAM_IGNORE (unless trust was also specified, in
	   which case we return PAM_SUCCESS).

       group=name
	   Instead of checking the wheel or GID 0 groups, use the name group to perform the authentication.

       root_only
	   The check for wheel membership is done only.

       trust
	   The pam_wheel module will return PAM_SUCCESS instead of PAM_IGNORE if the user is a member of the wheel group (thus with a little play
	   stacking the modules the wheel members may be able to su to root without being prompted for a passwd).

       use_uid
	   The check for wheel membership will be done against the current uid instead of the original one (useful when jumping with su from one
	   account to another for example).

MODULE TYPES PROVIDED

       The auth and account module types are provided.

RETURN VALUES

       PAM_AUTH_ERR
	   Authentication failure.

       PAM_BUF_ERR
	   Memory buffer error.

       PAM_IGNORE
	   The return value should be ignored by PAM dispatch.

       PAM_PERM_DENY
	   Permission denied.

       PAM_SERVICE_ERR
	   Cannot determine the user name.

       PAM_SUCCESS
	   Success.

       PAM_USER_UNKNOWN
	   User not known.

EXAMPLES

       The root account gains access by default (rootok), only wheel members can become root (wheel) but Unix authenticate non-root applicants.

	   su	   auth     sufficient	   pam_rootok.so
	   su	   auth     required	   pam_wheel.so
	   su	   auth     required	   pam_unix.so

SEE ALSO

       pam.conf(5), pam.d(5), pam(8)

AUTHOR

       pam_wheel was written by Cristian Gafton <gafton@redhat.com>.

Linux-PAM Manual						    09/19/2013							      PAM_WHEEL(8)
All times are GMT -4. The time now is 02:29 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy