Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Disable local user from remote login
Operating Systems Solaris Disable local user from remote login Post 302413838 by naw_deepak on Saturday 17th of April 2010 02:27:21 PM
Old 04-17-2010
But it will only deny the SSH connections. There will be some more ways open to connect the machine like : telnet etc.

Please make sure if only SSH connections require to be disabled.

Thanks,
Deepak
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Disable Root Console login

After Configuring a brand new netraT1, It appears, the only way you can log in as root is throught the Serial Port (console). I believe there is a file in /etc which can be edited to allow root to access login via other methods eg: telnet, ssh, etc. My Question: Which file contains... (2 Replies)
Discussion started by: SmartJuniorUnix
2 Replies

2. UNIX for Dummies Questions & Answers

why i have local.profile, local.cshrc,local.login instead of .profile, .login ?

Hello again ! Thanks for response of my first question. there is my second quesiton why i have local.profile instead of .profile file ? my all files in pwd shoes local. before any file. is anybody can tell me about that ? Thanks Abid Malik (5 Replies)
Discussion started by: abidmalik
5 Replies

3. Solaris

How to disable remote printer

Hi all, On Solaris 8.2 I have several printers controled via LPD so they are defined with systemnames. The problem is I can't disable them as I could in Unix V with the disable command. Is there a way to do this however? Thank in advance! :) Peter (2 Replies)
Discussion started by: nulnul7
2 Replies

4. Solaris

How do I disable Remote Access ?

During the Solaris 10 installation, I answered "Yes" at the "Activate Remote Access" screen - or something like that. I know this is a security issue and I want it disabled now. How can I disable remote access ? Thanks. (4 Replies)
Discussion started by: chinezu'
4 Replies

5. AIX

How to disable user login infor?

If user login and don't do anything in 15 mins, the user is kicked off from the server. how to disable it? (5 Replies)
Discussion started by: rainbow_bean
5 Replies

6. UNIX for Advanced & Expert Users

Determining if user is local-user in /etc/passwd or LDAP user

Besides doing some shell-script which loops through /etc/passwd, I was wondering if there was some command that would tell me, like an enhanced version of getent. The Operating system is Solaris 10 (recent-ish revision) using Sun DS for LDAP. (5 Replies)
Discussion started by: ckmehta
5 Replies

7. Solaris

how to login with ssh to remote system with out applying the remote root/usr password

how to login with ssh to remote system with out applying the remote root/user password with rlogin we can ujse .rhosts file but with ssh howits possible plz guide (2 Replies)
Discussion started by: tv.praveenkumar
2 Replies

8. UNIX for Dummies Questions & Answers

How to disable root login (Not over SSH)?

I have already disabled root login over the ssh by modifying /etc/ssh/sshd_config. But how would i disable root login on a server itself. We have implemented LDAP in our environment and our security guide states that root login must be obtained by first logging into the host using his/her own... (2 Replies)
Discussion started by: pinga123
2 Replies

9. Shell Programming and Scripting

How to give user name and password in a single command to login to remote server

Hello All, I'm new to unix and i need the below favour from you. I have list of 50 unix server. I need to login to all the server one by one and with the same user and password. I will declare the user name and password globally in the script. for example : servername- hyperV user name... (4 Replies)
Discussion started by: Hari A
4 Replies

10. Solaris

Disable users to direct login

Hi all, how can I disable direct login to a Solaris system not only for root user but also for other accounts? Looking in google I came to the following: For telnet (/etc/default/login): disable root access> CONSOLE=/dev/console disable generic user> ? For ssh... (5 Replies)
Discussion started by: Evan
5 Replies

LEARN ABOUT MOJAVE

hosts.equiv

HOSTS.EQUIV(5)						      BSD File Formats Manual						    HOSTS.EQUIV(5)

NAME

     hosts.equiv, .rhosts -- trusted remote hosts and host-user pairs

DESCRIPTION

     The hosts.equiv and .rhosts files list hosts and users which are ``trusted'' by the local host when a connection is made via rlogind(8),
     rshd(8), or any other server that uses ruserok(3).  This mechanism bypasses password checks, and is required for access via rsh(1).

     Each line of these files has the format:

	   hostname [username]

     The hostname may be specified as a host name (typically a fully qualified host name in a DNS environment) or address, +@netgroup (from which
     only the host names are checked), or a ``+'' wildcard (allow all hosts).

     The username, if specified, may be given as a user name on the remote host, +@netgroup (from which only the user names are checked), or a
     ``+'' wildcard (allow all remote users).

     If a username is specified, only that user from the specified host may login to the local machine.  If a username is not specified, any user
     may login with the same user name.

EXAMPLES

     somehost
	   A common usage:  users on somehost may login to the local host as the same user name.
     somehost username
	   The	user  username	on  somehost may login to the local host.  If specified in /etc/hosts.equiv, the user may login with only the same
	   user name.
     +@anetgroup username
	   The user username may login to the local host from any machine listed in the netgroup anetgroup.
     +
     + +
	   Two severe security hazards.  In the first case, allows a user on any machine to login to the local host as the same user name.  In the
	   second case, allows any user on any machine to login to the local host (as any user, if in /etc/hosts.equiv).

WARNINGS

     The username checks provided by this mechanism are not secure, as the remote user name is received by the server unchecked for validity.
     Therefore this mechanism should only be used in an environment where all hosts are completely trusted.

     A numeric host address instead of a host name can help security considerations somewhat; the address is then used directly by iruserok(3).

     When a username (or netgroup, or +) is specified in /etc/hosts.equiv, that user (or group of users, or all users, respectively) may login to
     the local host as any local user.	Usernames in /etc/hosts.equiv should therefore be used with extreme caution, or not at all.

     A .rhosts file must be owned by the user whose home directory it resides in, and must be writable only by that user.

     Logins as root only check root's .rhosts file; the /etc/hosts.equiv file is not checked for security.  Access permitted through root's
     .rhosts file is typically only for rsh(1), as root must still login on the console for an interactive login such as rlogin(1).

FILES

     /etc/hosts.equiv  Global trusted host-user pairs list
     ~/.rhosts	       Per-user trusted host-user pairs list

SEE ALSO

     rcp(1), rlogin(1), rsh(1), rcmd(3), ruserok(3), netgroup(5)

HISTORY

     The .rhosts file format appeared in 4.2BSD.

BUGS

     The ruserok(3) implementation currently skips negative entries (preceded with a ``-'' sign) and does not treat them as ``short-circuit'' neg-
     ative entries.

BSD
								 November 26, 1997							       BSD
All times are GMT -4. The time now is 02:34 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy