01-22-2010
Quote:
Originally Posted by
mashiox
Oh and one more thought... PAM couldn't be configured to do something like that?
I believe redhat at one point added proprietary extensions to PAM to do that. These were ill-received and I'm not sure if they're still there. Checking incoming IP address for a login process isn't as obvious as it appears at first blush.
10 More Discussions You Might Find Interesting
1. Cybersecurity
I have installed TCP wrappers , Good package ...
I have a problem with the hosts_options part ...
I am not able to use the twist command .. It just dosent respond
I have compiled wrappers 7.6 for Solaris 8 with ipv6 support ...
Everything works fine except the twist doesnt work
I have... (1 Reply)
Discussion started by: DPAI
1 Replies
2. IP Networking
I have an RS6000 server running AIX and on occasion all users are logged out of the server "connection closed by foreign host" is the error message. Normally a user can press enter and get a Login prompt, but they get the message "connection refused" and then the users can wait a minute or so and... (2 Replies)
Discussion started by: Docboyeee
2 Replies
3. Solaris
Hello,
I'm administrating new installed cluster that runs Legato Networker and Oracle 9. And I want to restrict the use of root to my self and givr the application and DBA the proper and needed privileges to do their duties without hassle in addition I would like to log users activities.
my... (0 Replies)
Discussion started by: sh_ksa
0 Replies
4. Solaris
I want to log tcp-wrapper events Solaris 10. I researched and saw that I could make a syslog entry in the hosts.deny, which I did below. After restarting syslog and having ssh blocking, I see nothing logging. I also do not get the email that should be generated. The file was taken from a... (2 Replies)
Discussion started by: csgonan
2 Replies
5. Solaris
has anyone ever tried using a client list in thier hosts.allow file
Example of hosts.allow) in.ftpd: /etc/ftp.hosts
"ftp.hosts" has my list of IP address that are allow access....
However I cant get this work...Any Comments or Help? (0 Replies)
Discussion started by: dodge_man
0 Replies
6. AIX
With things installed and wrapping ftpd on AIX 5.1 in hosts.deny I have;
ALL: ALL
in hosts.allow;
ftpd: x.x.x.x
ALL: x.x.x.x
I get this on connect via ftp;
421 Service not available, remote server has closed connection
So its working as far as blocking but the hosts.allow seems to be... (1 Reply)
Discussion started by: traken
1 Replies
7. Shell Programming and Scripting
how can i make my users to not use particular commands in the network
like:wall.......
pl z help me regarding this (1 Reply)
Discussion started by: yashwanthguru
1 Replies
8. Red Hat
Hello,
can someone please provide steps, can I restrict a multiple users to only access only sftp on a server, to perform upload and download of files on their home directories.
1. I have updated their login shell as /sbin/nologin.
anything else do I need to update.
Thanks, (3 Replies)
Discussion started by: bobby320
3 Replies
9. AIX
hi all
just installed the netsec.options.tcpwrapper from expansion pack, which used to be a rpm, for my aix 6.1 test box.
it is so unpredictable. i set up the hosts.deny as suggested for all and allow the sshd for specific ip addresses/hostnames.
the tcpdchk says the hosts allowed and... (0 Replies)
Discussion started by: wf201626
0 Replies
10. AIX
Hi,
I have in my organization varied OS types (AIX,RHEL,Solaris)
My need was to block ftp connections from some addresses on my organization,
but to not disable the protocol.
In the linux servers i did that with the hosts.deny file that used by the vsftpd deamon.
In my AIX servers, i have... (6 Replies)
Discussion started by: moshesa
6 Replies
LEARN ABOUT HPUX
pam_loginuid
PAM_LOGINUID(8) Linux-PAM Manual PAM_LOGINUID(8)
NAME
pam_loginuid - Record user's login uid to the process attribute
SYNOPSIS
pam_loginuid.so [require_auditd]
DESCRIPTION
The pam_loginuid module sets the loginuid process attribute for the process that was authenticated. This is necessary for applications to
be correctly audited. This PAM module should only be used for entry point applications like: login, sshd, gdm, vsftpd, crond and atd. There
are probably other entry point applications besides these. You should not use it for applications like sudo or su as that defeats the
purpose by changing the loginuid to the account they just switched to.
OPTIONS
require_auditd
This option, when given, will cause this module to query the audit daemon status and deny logins if it is not running.
MODULE TYPES PROVIDED
Only the session module type is provided.
RETURN VALUES
PAM_SESSION_ERR
An error occurred during session management.
EXAMPLES
#%PAM-1.0
auth required pam_unix.so
auth required pam_nologin.so
account required pam_unix.so
password required pam_unix.so
session required pam_unix.so
session required pam_loginuid.so
SEE ALSO
pam.conf(5), pam.d(5), pam(7), auditctl(8), auditd(8)
AUTHOR
pam_loginuid was written by Steve Grubb <sgrubb@redhat.com>
Linux-PAM Manual 09/19/2013 PAM_LOGINUID(8)