Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Which program can I use for blocking unauthorized access via/ssh/ftp
Top Forums UNIX for Dummies Questions & Answers Which program can I use for blocking unauthorized access via/ssh/ftp Post 302430467 by mojoman on Thursday 17th of June 2010 05:26:30 PM
Old 06-17-2010
Which program can I use for blocking unauthorized access via/ssh/ftp
Hi,

I need to install a program on my Centos 5.3 server that will block unauthorized ssh/ftp access attempts. The two features I require is that I should be able to configure the program to block the IP of the intruder after a a certain amount of access attempts and that it should display a warning message to the user.
 

9 More Discussions You Might Find Interesting

1. Email Antispam Techniques and Email Filtering

Sendmail Access DB TLD Blocking ....

Now this is a bit tricky, but works great if you can decide which Top Level Domains or TLDs you want to receive mail We are getting so much spam from countries we never receive useful mail, I've been experimenting with blocking entire TLDs using sendmail access_db as an antispam technique. ... (0 Replies)
Discussion started by: Neo
0 Replies

2. UNIX for Dummies Questions & Answers

Blocking ftp users to connect using telnet

Hi everybody ! We have all flavors of Unix / Linux and we want to restrict ftp users to telnet our servers. We can't disable telnet because we have other users using it. :confused: Are there any thing that could be done to solve this thing ??? Best regards, Julio Moreira (11 Replies)
Discussion started by: juliocdrm
11 Replies

3. UNIX for Dummies Questions & Answers

Blocking FTP login at Solaris

Hi, We have an application which runs on telnet port, application structure is file based, we have to give write permissions to all the users to all files so that they can work on the system. Recently we have noticed that all ordinary users can login through ftp and delete any file (... (7 Replies)
Discussion started by: nervous
7 Replies

4. UNIX for Advanced & Expert Users

Blocking the ssh-keygen command

Hi All, I have a set of 100 servers , where users login through ssh, with a set of around 4-5 users. We have copied over the public keys to all the servers, for a passwordless authentication. Is it possible to block the ssh-keygen command for the users , so that the users that login do not... (5 Replies)
Discussion started by: nua7
5 Replies

5. Solaris

Unauthorized sudo access mail

We want to get a notification for all unauthorized sudo access via e-mail to our team DL .. whats the way to do it ? (1 Reply)
Discussion started by: fugitive
1 Replies

6. AIX

ftp access without shell access

Hi all, I'm using AIX v 5.3 I want to create system users to access through ftp or sftp and restrict those users into specific directory and don't traverse the whole file system just to be restricted within a directory and don't get shell access . i don't want to use any other third party... (7 Replies)
Discussion started by: h@foorsa.biz
7 Replies

7. UNIX for Dummies Questions & Answers

Redirecting requests from 8153 and blocking access to the same

Hey All, Problem: I have a application which runs on port 8153 (http) and on 8154 (https). For design reasons i can not block tcp connections to 8153. How do i forward all requests from http 8153 to https 8154( this would be the ideal solution) Or redirect all requests that come to... (2 Replies)
Discussion started by: Arun Kumar
2 Replies

8. Post Here to Contact Site Administrators and Moderators

Google Chrome is blocking access to UNIX.com

For some reason Google Chrome sees unix.com as dangerous and has start to block it. I need to select advanced and continue on own risk. Can you make an effort to remove unix.com form the list of dangerous site from Google. IE has not this problem. (5 Replies)
Discussion started by: Jotne
5 Replies

9. Shell Programming and Scripting

SSH shell script to access FTP over explicit TLS/SSL

Hello, I use the following SSH script to upload *.jpg files via FTP: #!/usr/bin/expect set timeout -1 spawn ftp -v -i expect "" send "\r" expect "Password:" send "\r" expect "ftp>" send "mput *.jpg\r" expect "ftp>" send "quit\r" replaced with actual ftp server/account data. ... (5 Replies)
Discussion started by: mrpi007
5 Replies

LEARN ABOUT SUNOS

ssh-keysign

ssh-keysign(1M) 														   ssh-keysign(1M)

NAME

       ssh-keysign - ssh helper program for host-based authentication

SYNOPSIS

       ssh-keysign

       ssh-keysign  is	used  by ssh(1) to access the local host keys and generate the digital signature required during host-based authentication
       with SSH protocol version 2. This signature is of data that includes, among other items, the name of the client host and the  name  of  the
       client user.

       ssh-keysign  is	disabled  by  default and can be enabled only in the global client configuration file /etc/ssh/ssh_config by setting Host-
       basedAuthentication to yes.

       ssh-keysign is not intended to be invoked by the user, but from ssh. See ssh(1) and sshd(1M) for more information about host-based  authen-
       tication.

       /etc/ssh/ssh_config

	   Controls whether ssh-keysign is enabled.

       /etc/ssh/ssh_host_dsa_key
       /etc/ssh/ssh_host_rsa_key

	   These  files  contain the private parts of the host keys used to generate the digital signature. They should be owned by root, readable
	   only by root, and not accessible to others. Because they are readable only by root, ssh-keysign must  be  set-uid  root  if	host-based
	   authentication is used.

       ssh-keysign will not sign host-based authentication data under the following conditions:

	 o  If the HostbasedAuthentication client configuration parameter is not set to yes in /etc/ssh/ssh_config. This setting cannot be overri-
	    den in users' ~/.ssh/ssh_config files.

	 o  If the client hostname and username in /etc/ssh/ssh_config do not match the canonical hostname of  the  client  where  ssh-keysign	is
	    invoked and the name of the user invoking ssh-keysign.

       In  spite of ssh-keysign's restrictions on the contents of the host-based authentication data, there remains the ability of users to use it
       as an avenue for obtaining the client's private host keys. For this reason host-based authentication is turned off by default.

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWsshu			   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Evolving			   |
       +-----------------------------+-----------------------------+

       ssh(1), sshd(1M), ssh_config(4), attributes(5)

AUTHORS

       Markus Friedl, markus@openbsd.org

HISTORY

       ssh-keysign first appeared in Ox 3.2.

								    9 Jun 2004							   ssh-keysign(1M)
All times are GMT -4. The time now is 02:53 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy