Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Restrict ssh for particular user
Operating Systems HP-UX Restrict ssh for particular user Post 302993993 by rbatte1 on Friday 17th of March 2017 07:42:07 AM
Old 03-17-2017
How are people logging in as that account? Do they have a password or SSH key perhaps?

The easiest way would be to change the password and remove any unauthorised entries from ~oracle/.ssh/authorized_keys

Then, only allow access to people with a sudo rule and keep that list very restricted.

What is the actual issue you are trying to solve?



Robin
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

How to restrict Core file generation after scp (of SSH) command executed in UNIX

Hi, I am getting core file in local machine after trasfer files to other machine by using scp (secure copy) of SSH in UNIX. Could any one please tell me how to restrict core file generatation by using scp command. (4 Replies)
Discussion started by: nrsekhar
4 Replies

2. AIX

Can we restrict an user to use only certain disk space

Hi, In Ibm Aix can we restrict the user to use only 50% or 60% of disk space. Thanks, Chris (1 Reply)
Discussion started by: pramod10
1 Replies

3. Solaris

restrict a user to certain command

Hi all, I am using Sun OS 5.10. I am new to Unix. Is there some way to restrict a specific user to certain command say "/usr/bin/more" ?? for example: I want that user1 can execute more command & user2 can't. Can we somehow edit .profile file in the home directory of user to achieve... (1 Reply)
Discussion started by: vikas027
1 Replies

4. AIX

New user and restrict path

Hello I have a question in Aix 5.3 can I create a user, that only can see a specify path. I mean the user log in the default path its /home/newuser he type cd the path that need to check /example/directory_check but if he wants to go to / or any other path. we can not do this. I only... (1 Reply)
Discussion started by: lo-lp-kl
1 Replies

5. UNIX for Dummies Questions & Answers

Restrict command for an user ?

Hi everyone ! I got "viewer" and "root" user on a *nix computer. When i log in using "viewer" I only can use "df" command. When I try another command like "ls" it say : -bash: ls: command not found I checked permission of "/bin/ls" file, it has excute permission for everyone. Inside home... (4 Replies)
Discussion started by: camus
4 Replies

6. Red Hat

Restrict user to a particular directory

Hi I have a Fedora10 server and i need a particular user to view files only in a particular folder. All other files in other folders having "read" permission for all shouldn't be accessible to this user. Please let me know if ther's a way. Thanks, HG (5 Replies)
Discussion started by: Hari_Ganesh
5 Replies

7. UNIX for Dummies Questions & Answers

Restrict user access.

Hi All, How can we restrict a particular user access to a particular shell in solaris 10. Thanks in Advance. (5 Replies)
Discussion started by: rama krishna
5 Replies

8. Red Hat

Restrict user access

Hi there I have an application user on my system that wants accesses to these file systems as such: rwx: /SAPO /SAPS12 /R3_888 /R3_888B /R3_888F /R3_888R r: /usr/sap these are the existing FS permissions:ownerships: # ls -ld /SAPO (9 Replies)
Discussion started by: hedkandi
9 Replies

9. Shell Programming and Scripting

How to restrict ssh by forced commands but sftp login should be enabled?

Hi, I am trying to restrict an ssh-user to execute unwanted commands using ssh from a remote host a. So for that I am using the forced command in the authorized_keys file that will allow the ssh-user to only execute a particular command. If I did not set this, I am able to login via ssh and... (2 Replies)
Discussion started by: Anil George
2 Replies

10. AIX

How to restrict user to a particular directory?

hi, I want to restrict some user access to only 1 directory (including all sub-directories/files in it). can you please explain me, how can we do this? example; Filesystem GB blocks Used Free %Used Mounted on /dev/hd4 2.61 1.02 1.59 40% / /dev/hd2 ... (7 Replies)
Discussion started by: aaron8667
7 Replies

LEARN ABOUT LINUX

chage

CHAGE(1)							   User Commands							  CHAGE(1)

NAME

       chage - change user password expiry information

SYNOPSIS

       chage [options] [LOGIN]

DESCRIPTION

       The chage command changes the number of days between password changes and the date of the last password change. This information is used by
       the system to determine when a user must change his/her password.

OPTIONS

       The options which apply to the chage command are:

       -d, --lastday LAST_DAY
	   Set the number of days since January 1st, 1970 when the password was last changed. The date may also be expressed in the format
	   YYYY-MM-DD (or the format more commonly used in your area).

       -E, --expiredate EXPIRE_DATE
	   Set the date or number of days since January 1, 1970 on which the user's account will no longer be accessible. The date may also be
	   expressed in the format YYYY-MM-DD (or the format more commonly used in your area). A user whose account is locked must contact the
	   system administrator before being able to use the system again.

	   Passing the number -1 as the EXPIRE_DATE will remove an account expiration date.

       -h, --help
	   Display help message and exit.

       -I, --inactive INACTIVE
	   Set the number of days of inactivity after a password has expired before the account is locked. The INACTIVE option is the number of
	   days of inactivity. A user whose account is locked must contact the system administrator before being able to use the system again.

	   Passing the number -1 as the INACTIVE will remove an account's inactivity.

       -l, --list
	   Show account aging information.

       -m, --mindays MIN_DAYS
	   Set the minimum number of days between password changes to MIN_DAYS. A value of zero for this field indicates that the user may change
	   his/her password at any time.

       -M, --maxdays MAX_DAYS
	   Set the maximum number of days during which a password is valid. When MAX_DAYS plus LAST_DAY is less than the current day, the user
	   will be required to change his/her password before being able to use his/her account. This occurrence can be planned for in advance by
	   use of the -W option, which provides the user with advance warning.

	   Passing the number -1 as MAX_DAYS will remove checking a password's validity.

       -W, --warndays WARN_DAYS
	   Set the number of days of warning before a password change is required. The WARN_DAYS option is the number of days prior to the
	   password expiring that a user will be warned his/her password is about to expire.

       If none of the options are selected, chage operates in an interactive fashion, prompting the user with the current values for all of the
       fields. Enter the new value to change the field, or leave the line blank to use the current value. The current value is displayed between a
       pair of [ ] marks.

NOTE

       The chage program requires a shadow password file to be available.

       The chage command is restricted to the root user, except for the -l option, which may be used by an unprivileged user to determine when
       his/her password or account is due to expire.

CONFIGURATION

       The following configuration variables in /etc/login.defs change the behavior of this tool:

FILES

       /etc/passwd
	   User account information.

       /etc/shadow
	   Secure user account information.

EXIT VALUES

       The chage command exits with the following values:

       0
	   success

       1
	   permission denied

       2
	   invalid command syntax

       15
	   can't find the shadow password file

SEE ALSO

       passwd(5), shadow(5).

User Commands							    06/24/2011								  CHAGE(1)
All times are GMT -4. The time now is 06:14 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy