Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Can I restrict IP and AIX account at the same time?
Operating Systems AIX Can I restrict IP and AIX account at the same time? Post 302972787 by nnnnnnine on Tuesday 10th of May 2016 10:26:05 PM
Old 05-10-2016
Hi dukessd,

Thanks for your reply.

But when I use AIX filtering (ipsec) , I only can restrict IP address.

How to restrict specific user login?
for example:
user alice can login to AIX (via ssh or telnet) from 192.168.1.100
user bob can not login to AIX (via ssh or telnet) from 192.168.1.100

I do not want all user can not login to AIX from 192.168.1.100
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

How to restrict account to one log-in?

Our users have the tendency to use only one login account, to do their jobs. Obvious itīs a matter of training our users. But our internal audit team insists on restrictions from our system. So is there an option to restrict an account to only login once into the system? We use HP-UX 11.0. ... (0 Replies)
Discussion started by: Egroman
0 Replies

2. UNIX for Advanced & Expert Users

how to find creation time of an account?

Hi all, I want to know the time when a perticular user is created, atleat in which year it is created. Could any one help me in this issue. Thanks in advance. Regards, M.Sukumar (1 Reply)
Discussion started by: sukumar
1 Replies

3. AIX

AIX shell account

I am just wondering if there is a way I can obtain a free shell account for an AIX server that I can make test drive on it. I tried google search and ibm's web site but couldn't find anything.. regards, (2 Replies)
Discussion started by: milhan
2 Replies

4. AIX

How to restrict Highports in AIX 5.2

Hello, I am using wu-ftp 2.4.2 in AIX 5.2. I wanted to restrict high ports for dataconnection. by default dataconnection ports will be from range 1024 to 65536. But i wanted to restrict it to some range like 10000 - 10500. This setting is to enable ports at client firewall. Please let me... (0 Replies)
Discussion started by: balareddy
0 Replies

5. Shell Programming and Scripting

How to restrict running one instance of scp at any time in fsniper

How to restrict running one instance of scp at any time? (2 Replies)
Discussion started by: proactiveaditya
2 Replies

6. Solaris

How to Restrict user login after certain time in Solaris??

My OS is Solaris 10, I would like to know if there is any way to restrict user login to the system (either remote or console login) after certain time, say 20:00 on Mon to Fri and whole day on SAT and SUN??? Sorry that I am a new user on Unix System. Any comment is fully appreciated!!! Alex (7 Replies)
Discussion started by: alessandro31
7 Replies

7. AIX

AIX: Could not login using NIS Account?

Hi there, I am new to AIX environment, when I set up NIS Client for an AIX 5.3 Machine to connect to a Linux NIS Master, everything seems to be okie: /etc/passwd: +::0:0::: /etc/group: +: ps -ef | egrep "ypbind": /usr/lib/netsvc/yp/ypbind -ypsetme -ypsetme I can get all account... (0 Replies)
Discussion started by: quanba
0 Replies

8. UNIX for Advanced & Expert Users

IBM directory server - how to restrict AIX client access to read-only

Hello all, I am using IBM Directory Server (as a part of AIX7 extension pack) in an AIX environment. To set up the server I use command: mksecldap -s -a cn=admin -p PWD -S RFC2307AIX -d o=COMPANY -u NONE Then, to set up IDS clients I use the following (I have 2 mutually replicating servers... (0 Replies)
Discussion started by: Myaso
0 Replies

9. UNIX for Beginners Questions & Answers

How to restrict ftpusers in AIX to home directory?

I need to know how to restrict the ftpusers within their home directory in AIX 7.1 For example for ftpuser nonoftp I have tried putting this entry to /etc/ftpaccess.ctl and refreshed inetd but the directory listing unsuccessful error comes with the entry. Without the ftpaccess.ctl file ftp users... (2 Replies)
Discussion started by: pregmi
2 Replies

10. UNIX for Advanced & Expert Users

Restrict service account from direct interactive sessions

Environment: CentOS 7 I would like to have a solution where a service account can access a server in only these ways: ssh non-interactively via password or ssh key; that is, run commands or scripts (but running anything in /etc/shells will not be allowed) not ssh interactively regular... (2 Replies)
Discussion started by: bgstack15
2 Replies

LEARN ABOUT DEBIAN

smokeping_probes_opensshjunosping

Smokeping_probes_OpenSSHJunOSPing(3)				     SmokePing				      Smokeping_probes_OpenSSHJunOSPing(3)

NAME

       Smokeping::probes::OpenSSHJunOSPing - Juniper SSH JunOS Probe for SmokePing

SYNOPSIS

	*** Probes ***

	+OpenSSHJunOSPing

	forks = 5
	offset = 50%
	packetsize = 100
	step = 300
	timeout = 15

	# The following variables can be overridden in each target section
	junospass = password # mandatory
	junosuser = user # mandatory
	pings = 5
	psource = 192.168.2.129
	source = 192.168.2.1 # mandatory

	# [...]

	*** Targets ***

	probe = OpenSSHJunOSPing # if this should be the default probe

	# [...]

	+ mytarget
	# probe = OpenSSHJunOSPing # if the default probe is something else
	host = my.host
	junospass = password # mandatory
	junosuser = user # mandatory
	pings = 5
	psource = 192.168.2.129
	source = 192.168.2.1 # mandatory

DESCRIPTION

       Connect to Juniper JunOS via OpenSSH to run ping commands.  This probe uses the "extended ping" of the Juniper JunOS.  You have the option
       to specify which interface the ping is sourced from as well.

VARIABLES

       Supported probe-specific variables:

       forks
	   Run this many concurrent processes at maximum

	   Example value: 5

	   Default value: 5

       offset
	   If you run many probes concurrently you may want to prevent them from hitting your network all at the same time. Using the probe-
	   specific offset parameter you can change the point in time when each probe will be run. Offset is specified in % of total interval, or
	   alternatively as 'random', and the offset from the 'General' section is used if nothing is specified here. Note that this does NOT
	   influence the rrds itself, it is just a matter of when data acqusition is initiated.  (This variable is only applicable if the variable
	   'concurrentprobes' is set in the 'General' section.)

	   Example value: 50%

       packetsize
	   The (optional) packetsize option lets you configure the packetsize for the pings sent.

	   Default value: 100

       step
	   Duration of the base interval that this probe should use, if different from the one specified in the 'Database' section. Note that the
	   step in the RRD files is fixed when they are originally generated, and if you change the step parameter afterwards, you'll have to
	   delete the old RRD files or somehow convert them. (This variable is only applicable if the variable 'concurrentprobes' is set in the
	   'General' section.)

	   Example value: 300

       timeout
	   How long a single 'ping' takes at maximum

	   Example value: 15

	   Default value: 5

       Supported target-specific variables:

       junospass
	   The junospass option allows you to specify the password for the username specified with the option junosuser.

	   Example value: password

	   This setting is mandatory.

       junosuser
	   The junosuser option allows you to specify a username that has ping capability on the JunOS Device.

	   Example value: user

	   This setting is mandatory.

       pings
	   How many pings should be sent to each target, if different from the global value specified in the Database section. Note that the
	   number of pings in the RRD files is fixed when they are originally generated, and if you change this parameter afterwards, you'll have
	   to delete the old RRD files or somehow convert them.

	   Example value: 5

       psource
	   The (optional) psource option specifies an alternate IP address or Interface from which you wish to source your pings from.	Routers
	   can have many many IP addresses, and interfaces.  When you ping from a router you have the ability to choose which interface and/or
	   which IP address the ping is sourced from.  Specifying an IP/interface does not necessarily specify the interface from which the ping
	   will leave, but will specify which address the packet(s) appear to come from.  If this option is left out the JunOS Device will source
	   the packet automatically based on routing and/or metrics.  If this doesn't make sense to you then just leave it out.

	   Example value: 192.168.2.129

       source
	   The source option specifies the JunOS device that is going to run the ping commands.  This address will be used for the ssh connection.

	   Example value: 192.168.2.1

	   This setting is mandatory.

AUTHORS

       Tobias Oetiker lttobi@oetiker.chgt

       based on Smokeping::probes::TelnetJunOSPing by S H A N ltshanali@yahoo.comgt.

NOTES

   JunOS configuration
       The JunOS device should have a username/password configured, as well as the ability to connect to the VTY(s).

       Make sure to connect to the remote host once from the commmand line as the user who is running smokeping. On the first connect ssh will ask
       to add the new host to its known_hosts file. This will not happen automatically so the script will fail to login until the ssh key of your
       juniper box is in the known_hosts file.

       Some JunOS devices have a maximum of 5 VTYs available, so be careful not to hit a limit with the 'forks' variable.

   Requirements
       This module requires the  Net::OpenSSH and IO::Pty.

2.6.8								    2013-03-17				      Smokeping_probes_OpenSSHJunOSPing(3)
All times are GMT -4. The time now is 07:40 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy