Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Can I restrict IP and AIX account at the same time?
Operating Systems AIX Can I restrict IP and AIX account at the same time? Post 302972830 by MadeInGermany on Wednesday 11th of May 2016 06:25:56 AM
Old 05-11-2016
For telnet you can try TCP wrappers.
You first need to install them (maybe even to first compile them).

Then enable them for telnetd in /etc/inetd.conf

Then put the following in /etc/hosts.allow
Code:
telnetd : alice@192.168.1.100

and the following in /etc/hosts.deny
Code:
telnetd : ALL

This User Gave Thanks to MadeInGermany For This Post:
nnnnnnine
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

How to restrict account to one log-in?

Our users have the tendency to use only one login account, to do their jobs. Obvious itīs a matter of training our users. But our internal audit team insists on restrictions from our system. So is there an option to restrict an account to only login once into the system? We use HP-UX 11.0. ... (0 Replies)
Discussion started by: Egroman
0 Replies

2. UNIX for Advanced & Expert Users

how to find creation time of an account?

Hi all, I want to know the time when a perticular user is created, atleat in which year it is created. Could any one help me in this issue. Thanks in advance. Regards, M.Sukumar (1 Reply)
Discussion started by: sukumar
1 Replies

3. AIX

AIX shell account

I am just wondering if there is a way I can obtain a free shell account for an AIX server that I can make test drive on it. I tried google search and ibm's web site but couldn't find anything.. regards, (2 Replies)
Discussion started by: milhan
2 Replies

4. AIX

How to restrict Highports in AIX 5.2

Hello, I am using wu-ftp 2.4.2 in AIX 5.2. I wanted to restrict high ports for dataconnection. by default dataconnection ports will be from range 1024 to 65536. But i wanted to restrict it to some range like 10000 - 10500. This setting is to enable ports at client firewall. Please let me... (0 Replies)
Discussion started by: balareddy
0 Replies

5. Shell Programming and Scripting

How to restrict running one instance of scp at any time in fsniper

How to restrict running one instance of scp at any time? (2 Replies)
Discussion started by: proactiveaditya
2 Replies

6. Solaris

How to Restrict user login after certain time in Solaris??

My OS is Solaris 10, I would like to know if there is any way to restrict user login to the system (either remote or console login) after certain time, say 20:00 on Mon to Fri and whole day on SAT and SUN??? Sorry that I am a new user on Unix System. Any comment is fully appreciated!!! Alex (7 Replies)
Discussion started by: alessandro31
7 Replies

7. AIX

AIX: Could not login using NIS Account?

Hi there, I am new to AIX environment, when I set up NIS Client for an AIX 5.3 Machine to connect to a Linux NIS Master, everything seems to be okie: /etc/passwd: +::0:0::: /etc/group: +: ps -ef | egrep "ypbind": /usr/lib/netsvc/yp/ypbind -ypsetme -ypsetme I can get all account... (0 Replies)
Discussion started by: quanba
0 Replies

8. UNIX for Advanced & Expert Users

IBM directory server - how to restrict AIX client access to read-only

Hello all, I am using IBM Directory Server (as a part of AIX7 extension pack) in an AIX environment. To set up the server I use command: mksecldap -s -a cn=admin -p PWD -S RFC2307AIX -d o=COMPANY -u NONE Then, to set up IDS clients I use the following (I have 2 mutually replicating servers... (0 Replies)
Discussion started by: Myaso
0 Replies

9. UNIX for Beginners Questions & Answers

How to restrict ftpusers in AIX to home directory?

I need to know how to restrict the ftpusers within their home directory in AIX 7.1 For example for ftpuser nonoftp I have tried putting this entry to /etc/ftpaccess.ctl and refreshed inetd but the directory listing unsuccessful error comes with the entry. Without the ftpaccess.ctl file ftp users... (2 Replies)
Discussion started by: pregmi
2 Replies

10. UNIX for Advanced & Expert Users

Restrict service account from direct interactive sessions

Environment: CentOS 7 I would like to have a solution where a service account can access a server in only these ways: ssh non-interactively via password or ssh key; that is, run commands or scripts (but running anything in /etc/shells will not be allowed) not ssh interactively regular... (2 Replies)
Discussion started by: bgstack15
2 Replies

LEARN ABOUT OSF1

telnetd

telnetd(8)						      System Manager's Manual							telnetd(8)

NAME

       telnetd - The DARPA telnet protocol server

SYNOPSIS

       telnetd [-debug [port]] [-D modifier ...]

FLAGS

       Starts  telnetd	manually,  rather than through inetd, on alternate TCP port number port (if specified).  Prints out debugging information.
       modifiers are: Prints information about negotiation of telnet options Same as options with additional processing information  Displays  the
       data stream received by telnetd Displays data written to the pty Not yet implemented

DESCRIPTION

       The  telnetd daemon is a server that supports the DARPA (Defense Advanced Research Projects Agency) standard telnet virtual terminal proto-
       col.  telnetd is invoked by the Internet server (see inetd(8)) normally for requests to connect to the telnet  port  as	indicated  by  the
       /etc/services  file  (see  services(4)).   The  -debug flag may be used, to start up telnetd manually.  If started up this way, port may be
       specified to run telnetd on an alternate TCP port number.

       The -D options may be used for debugging purposes.  This allows telnetd to print out debugging information to the connection, allowing  the
       user to see what telnetd is doing.

       The  telnetd  daemon  operates  by allocating a pseudoterminal device (see pty(7)) for a client, then creating a login process that has the
       slave side of the pseudoterminal as stdin, stdout, and stderr.  telnetd manipulates the master side of  the  pseudo-terminal,  implementing
       the telnet protocol and passing characters between the remote client and the login process.

       When a telnet session is started up, telnetd sends telnet options to the client side, indicating a willingness to do remote echo of charac-
       ters, to suppress go ahead, to do remote flow control, and to receive terminal type information, terminal  speed  information,  and  window
       size information from the remote client.  If the remote client is willing, the remote terminal type is propagated in the environment of the
       created login process.  The pseudoterminal allocated to the client is configured to operate in  cooked  mode,  and  with  XTABS	and  CRMOD
       enabled (see tty(7)).

       The  telnetd  daemon  is willing to do: echo, binary, suppress go ahead, and timing mark.  telnetd is willing to have the remote client do:
       line mode, binary, terminal type, terminal speed, window size, toggle flow control, environment, X display location, and suppress go ahead.

       The telnetd daemon never sends telnet go ahead commands.

       Note that binary mode has no common interpretation except between similar operating systems (Unix compatible systems in this case).

       Note also that the terminal type name received from the remote client is converted to lowercase.

       The telnet command uses the default Type-of-Service value recommended by RFC1060, which is as follows: Low delay

       You can configure this value by specifying it in the /etc/iptos file. For more information, see iptos(4).

       By default, the telnetd daemon starts the login dialog using the login string specified in the message field of	the  /etc/gettydefs  file.
       If  you	want  to  use  a customized banner, create an /etc/issue.net or /etc/issue file. The telnetd daemon reads the file that exists and
       writes its contents over a new telnet connection prior to starting the login dialog. If both files exist, only the /etc/issue.net  file	is
       used.

CAUTIONS

       Some telnet commands are only partially implemented.

       Because	of bugs in the original 4.2BSD telnet(1), telnetd performs some dubious protocol exchanges to try to discover if the remote client
       is, in fact, a 4.2BSD telnet(1).

FILES

       Specifies the command path.  Specifies the path name for the network issue identification file.	Specifies the  path  name  for	the  issue
       identification file.

RELATED INFORMATION

       Commands: telnet(1).

       Files: iptos(4), issue(4), issue.net(4).  delim off

																	telnetd(8)
All times are GMT -4. The time now is 01:25 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy