08-25-2010
As already stated in the quoted man page from sshd_config you 1st deny and then allow for users.
Edit:
Quote:
The allow/deny directives are processed in the following order: DenyUsers, AllowUsers, DenyGroups, and finally AllowGroups.
Last edited by zaxxon; 08-25-2010 at 11:35 AM..
Reason: pointing out importance of order
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Dear all
i am relatively new in using UNIX i have a problem,
We are using IBM Informix Dynamic Server Version 9.40.FC7W4 we have 2 bsic user groups that we are using the 1st is root and another i wasnt to restrict the command "dba" that takes the users of that group to the database. I have... (3 Replies)
Discussion started by: masquerer
3 Replies
2. Shell Programming and Scripting
Hi all,
I am trying to eject the cdrom from a livecd after certain stage...
Now assuming that it is possible to eject,please consider my issue!!!
The OS boots into a regular user by default...so i am unable to use the eject command to push out the drive...
However if i try pfexec eject it... (3 Replies)
Discussion started by: wrapster
3 Replies
3. UNIX for Dummies Questions & Answers
Thanks
AVKlinux (3 Replies)
Discussion started by: avklinux
3 Replies
4. Shell Programming and Scripting
Hi All
I have written one shell script for GPRS route add is given below named GPRSRouteSet.sh
URL="www.google.com"
VBURL="10.5.2.211"
echo "Setting route for $URL for GPRS"
URL_Address=`nslookup $URL|grep Address:|grep -v "#"|awk -F " " '{print $2}'|head -1`
echo "Executing ... (3 Replies)
Discussion started by: mnmonu
3 Replies
5. Solaris
Hello All,
Anybody please help me to know ,what happens when a user having entry in both cron.allow and cron.deny files.Wheather the user will be able to access the crontab???
Thanks in advance
Vaisakh (5 Replies)
Discussion started by: ksvaisakh
5 Replies
6. UNIX for Advanced & Expert Users
Besides doing some shell-script which loops through /etc/passwd, I was wondering if there was some command that would tell me, like an enhanced version of getent.
The Operating system is Solaris 10 (recent-ish revision) using Sun DS for LDAP. (5 Replies)
Discussion started by: ckmehta
5 Replies
7. Shell Programming and Scripting
Hi I need help..........
I have an Sun One Directory server LDIF file with 5000 user entries, I need to change the data to match Test ID's, so I can run a perf test.
I'm way out of my league as I have not done any scripting for 10 years.
There are four entries for each user in the file... (3 Replies)
Discussion started by: Macdaddy99
3 Replies
8. Solaris
Hi,
I want to deny Vi editor to few users, is it possible to do the same in Solaris 10. If yes, then how?
Thanks in advance............ (2 Replies)
Discussion started by: ajhal04
2 Replies
9. UNIX for Dummies Questions & Answers
Whenever i switch from root to another user, by doing su - user, it takes me to home directory of user. This is very annoying as i want to be in same dir to run different commands as root sometimes and sometimes as normal user.
How to fix this? (1 Reply)
Discussion started by: syncmaster
1 Replies
10. Shell Programming and Scripting
Hi,
I need to switch from local user to root user in a shell script.
I need to make it automated so that it doesn't prompt for the root password.
I heard the su command will do that work but it prompt for the password.
and also can someone tell me whether su command spawns a new shell or... (1 Reply)
Discussion started by: Little
1 Replies
LEARN ABOUT OPENSOLARIS
ftphosts
ftphosts(4) File Formats ftphosts(4)
NAME
ftphosts - FTP Server individual user host access file
SYNOPSIS
/etc/ftpd/ftphosts
DESCRIPTION
The ftphosts file is used to allow or deny access to accounts from specified hosts. The following access capabilities are supported:
allow username addrglob [addrglob...]
Only allow users to login as username from host(s) that match addrglob.
deny username addrglob [addrglob...]
Do not allow users to login as username from host(s) that match addrglob.
A username of * matches all users. A username of anonymous or ftp specifies the anonymous user.
addrglob is a regular expression that is matched against hostnames or IP addresses. addrglob may also be in the form address:netmask or
address/CIDR, or be the name of a file that starts with a slash ('/') and contains additional address globs. An exclamation mark (`!')
placed before the addrglob negates the test.
The first allow or deny entry in the ftphosts file that matches a username and host is used. If no entry exists for a username, then access
is allowed. Otherwise, a matching allow entry is required to permit access.
EXAMPLES
You can use the following ftphosts file to allow anonymous access from any host except those on the class A network 10, with the exception
of 10.0.0.* IP addresses, which are allowed access:
allow ftp 10.0.0.*
deny ftp 10.*.*.*
allow ftp *
10.0.0.* can be written as 10.0.0.0:255.255.255.0 or 10.0.0.0/24.
FILES
/etc/ftpd/ftphosts
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWftpr |
+-----------------------------+-----------------------------+
|Interface Stability |External |
+-----------------------------+-----------------------------+
SEE ALSO
in.ftpd(1M), ftpaccess(4), attributes(5)
SunOS 5.11 1 May 2003 ftphosts(4)