|
|
Sponsored Content
Operating Systems
Solaris
Elegant Solutions to kill telnet/ssh session
Post 302430377 by achenle on Thursday 17th of June 2010 11:07:00 AM
06-17-2010
|
|
9 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
hi, we can set something such that if the user has been idle for a while, it will auto disconnect. where to do so? thanks (6 Replies)
Discussion started by: yls177
6 Replies
2. Shell Programming and Scripting
{
sleep 2
echo "$user"
sleep 2
echo "$password"
sleep 2
echo " ls"
sleep 10
echo "exit"
}| telnet $server
I have a machine x and i have executed the above script on machine 'x'.
i entered the... (6 Replies)
Discussion started by: pathanjalireddy
6 Replies
3. UNIX for Dummies Questions & Answers
Hi
Is there any way whilst in a telnet session you can view your client machine name that you are using to connect to the Unix box ? :eek: (2 Replies)
Discussion started by: mlucas
2 Replies
4. Solaris
how do i kill a user session (10 Replies)
Discussion started by: fsmadi
10 Replies
5. UNIX for Dummies Questions & Answers
Hello,
I have AIX 5.3 at home connected to netgear router. Port Forwarding has been enabled on the router. Problem is that if I want to telnet, I have to try 2 or 3 times before I can get a logon prompt. It times out for first or second time (Connection to session <IP_Address> failed: Connection... (1 Reply)
Discussion started by: bluebee
1 Replies
6. Shell Programming and Scripting
I am using Net::SSH::Expect to connect to the device(iLO) with SSH. After the $ssh->login() I'm able to view the prompt, but not able to send any coommands.
With the putty I can connect to the device and execute the commands without any issues.
Here is the sample script
my $ssh =... (0 Replies)
Discussion started by: hansini
0 Replies
7. HP-UX
Our network administrators implemented some sort of check to kill idle sessions and now burden is on us to run some sort of keep alive. Client based keep alive doesn't do a very good job. I have same issue with ssh. Does solution 2 provided above apply for ssh sessions also? (1 Reply)
Discussion started by: yoda9691
1 Replies
8. Shell Programming and Scripting
HI
I know that it sounds crazy :eek:
appreciated if any one provided me a solution for my below case , the below script is checking the Database availability on many servers by establishing rsh session ( one by one ) , sometime one of the servers goes down and while this the script taking... (0 Replies)
Discussion started by: bejo4ever
0 Replies
9. Solaris
Hi,
i need to kill the idle dt sessions through script, can anyone tell me how to do?
RJS (2 Replies)
Discussion started by: rajasekg
2 Replies
LEARN ABOUT SUSE
krb5_auth_rules
krb5_auth_rules(5) Standards, Environments, and Macros krb5_auth_rules(5) NAME
krb5_auth_rules - Overview of Kerberos V5 authorization DESCRIPTION
When a user uses kerberized versions of the ftp, rdist, rcp, rlogin, rsh, or telnet clients to connect to a server, even if the user's claimed Kerberos V5 identity is authenticated, the user is not necessarily authorized. Authentication merely proves that the user is "who he says he is" to the Kerberos V5 authentication system. Authorization also needs to be done, since it determines if that Kerberos identity is permitted to access the Solaris user account that the client wants to access. Each user may have a private authorization list in a file ~/.k5login in his login directory (on the server). Each line in this file should contain a Kerberos principal name of the form principal/instance@realm. If the server finds a ~/.k5login file, then access is granted to the account if and only if the originating user is authenticated to one of the principals named in the ~/.k5login file. If there is no ~/.k5login file, the originating user will then be checked against the gsscred table (see gsscred(1M)). If the originating user's Kerberos V5 identity is in the gsscred table, and if the UNIX user id in the gsscred table corresponds to the user account the client is trying access, then the originating user is granted access to the account on the server. If the UNIX user id does not match, then the originating user is denied access. For example, suppose the originating user has a principal name of jdb@ENG.ACME.COM and the target account is jdb-user. If jdb@ENG.ACME.COM appears in the gsscred table with uid 23154 and if jdb-user appears in the user account database (see passwd(4)) with uid 23154, then access to account jdb-user is granted. Of course, normally, the target account name in this example would be jdb and not jdb-user. Finally, if there is no ~/.k5login file and if the originating user's Kerberos V5 identity is not in the gsscred table, then the user will be granted access to the account if and only if all of the following are true: o The user part of the authenticated principal name is the same as the target account name specified by the client. o The realm part of the client and server are the same. o The target account name exists on the server. For example, if the originating user has a principal name of jdb@ENG.ACME.COM and if the server is in realm SALES.ACME.COM, then even if jdb is a valid account name on the server, the client would be denied access. This is because the realms SALES.ACME.COM and ENG.ACME.COM differ. FILES
~/.k5login Per user-account authorization file. /etc/passwd System account file. This information may also be in a directory service. See passwd(4). ATTRIBUTES
See attributes(5) for a description of the following attributes: +-----------------------------+-----------------------------+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE | +-----------------------------+-----------------------------+ |Interface Stability |Evolving | +-----------------------------+-----------------------------+ SEE ALSO
ftp(1), rcp(1), rdist(1), rlogin(1), rsh(1), telnet(1), gsscred(1M), passwd(4), attributes(5), gss_auth_rules(5) NOTES
To avoid security problems, the ~/.k5login file must be owned by the remote user. SunOS 5.10 13 Apr 2004 krb5_auth_rules(5)