03-17-2017
How are people logging in as that account? Do they have a password or SSH key perhaps?
The easiest way would be to change the password and remove any unauthorised entries from ~oracle/.ssh/authorized_keys
Then, only allow access to people with a sudo rule and keep that list very restricted.
What is the actual issue you are trying to solve?
Robin
10 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
Hi,
I am getting core file in local machine after trasfer files to other machine by using scp (secure copy) of SSH in UNIX.
Could any one please tell me how to restrict core file generatation by using scp command. (4 Replies)
Discussion started by: nrsekhar
4 Replies
2. AIX
Hi,
In Ibm Aix can we restrict the user to use only 50% or 60% of disk space.
Thanks,
Chris (1 Reply)
Discussion started by: pramod10
1 Replies
3. Solaris
Hi all,
I am using Sun OS 5.10. I am new to Unix.
Is there some way to restrict a specific user to certain command say "/usr/bin/more" ??
for example: I want that user1 can execute more command & user2 can't.
Can we somehow edit .profile file in the home directory of user to achieve... (1 Reply)
Discussion started by: vikas027
1 Replies
4. AIX
Hello
I have a question in Aix 5.3 can I create a user, that only can see a specify path.
I mean the user log in the default path its /home/newuser he type cd the path that need to check /example/directory_check but if he wants to go to / or any other path. we can not do this.
I only... (1 Reply)
Discussion started by: lo-lp-kl
1 Replies
5. UNIX for Dummies Questions & Answers
Hi everyone !
I got "viewer" and "root" user on a *nix computer. When i log in using "viewer" I only can use "df" command. When I try another command like "ls" it say :
-bash: ls: command not found
I checked permission of "/bin/ls" file, it has excute permission for everyone. Inside home... (4 Replies)
Discussion started by: camus
4 Replies
6. Red Hat
Hi
I have a Fedora10 server and i need a particular user to view files only in a particular folder.
All other files in other folders having "read" permission for all shouldn't be accessible to this user.
Please let me know if ther's a way.
Thanks,
HG (5 Replies)
Discussion started by: Hari_Ganesh
5 Replies
7. UNIX for Dummies Questions & Answers
Hi All,
How can we restrict a particular user access to a particular shell in solaris 10.
Thanks in Advance. (5 Replies)
Discussion started by: rama krishna
5 Replies
8. Red Hat
Hi there
I have an application user on my system that wants accesses to these file systems as such:
rwx:
/SAPO
/SAPS12
/R3_888
/R3_888B
/R3_888F
/R3_888R
r:
/usr/sap
these are the existing FS permissions:ownerships:
# ls -ld /SAPO (9 Replies)
Discussion started by: hedkandi
9 Replies
9. Shell Programming and Scripting
Hi,
I am trying to restrict an ssh-user to execute unwanted commands using ssh from a remote host a. So for that I am using the forced command in the authorized_keys file that will allow the ssh-user to only execute a particular command.
If I did not set this, I am able to login via ssh and... (2 Replies)
Discussion started by: Anil George
2 Replies
10. AIX
hi,
I want to restrict some user access to only 1 directory (including all sub-directories/files in it).
can you please explain me, how can we do this?
example;
Filesystem GB blocks Used Free %Used Mounted on
/dev/hd4 2.61 1.02 1.59 40% /
/dev/hd2 ... (7 Replies)
Discussion started by: aaron8667
7 Replies
CHAGE(1) User Commands CHAGE(1)
NAME
chage - change user password expiry information
SYNOPSIS
chage [options] [LOGIN]
DESCRIPTION
The chage command changes the number of days between password changes and the date of the last password change. This information is used by
the system to determine when a user must change his/her password.
OPTIONS
The options which apply to the chage command are:
-d, --lastday LAST_DAY
Set the number of days since January 1st, 1970 when the password was last changed. The date may also be expressed in the format
YYYY-MM-DD (or the format more commonly used in your area).
-E, --expiredate EXPIRE_DATE
Set the date or number of days since January 1, 1970 on which the user's account will no longer be accessible. The date may also be
expressed in the format YYYY-MM-DD (or the format more commonly used in your area). A user whose account is locked must contact the
system administrator before being able to use the system again.
Passing the number -1 as the EXPIRE_DATE will remove an account expiration date.
-h, --help
Display help message and exit.
-I, --inactive INACTIVE
Set the number of days of inactivity after a password has expired before the account is locked. The INACTIVE option is the number of
days of inactivity. A user whose account is locked must contact the system administrator before being able to use the system again.
Passing the number -1 as the INACTIVE will remove an account's inactivity.
-l, --list
Show account aging information.
-m, --mindays MIN_DAYS
Set the minimum number of days between password changes to MIN_DAYS. A value of zero for this field indicates that the user may change
his/her password at any time.
-M, --maxdays MAX_DAYS
Set the maximum number of days during which a password is valid. When MAX_DAYS plus LAST_DAY is less than the current day, the user
will be required to change his/her password before being able to use his/her account. This occurrence can be planned for in advance by
use of the -W option, which provides the user with advance warning.
Passing the number -1 as MAX_DAYS will remove checking a password's validity.
-W, --warndays WARN_DAYS
Set the number of days of warning before a password change is required. The WARN_DAYS option is the number of days prior to the
password expiring that a user will be warned his/her password is about to expire.
If none of the options are selected, chage operates in an interactive fashion, prompting the user with the current values for all of the
fields. Enter the new value to change the field, or leave the line blank to use the current value. The current value is displayed between a
pair of [ ] marks.
NOTE
The chage program requires a shadow password file to be available.
The chage command is restricted to the root user, except for the -l option, which may be used by an unprivileged user to determine when
his/her password or account is due to expire.
CONFIGURATION
The following configuration variables in /etc/login.defs change the behavior of this tool:
FILES
/etc/passwd
User account information.
/etc/shadow
Secure user account information.
EXIT VALUES
The chage command exits with the following values:
0
success
1
permission denied
2
invalid command syntax
15
can't find the shadow password file
SEE ALSO
passwd(5), shadow(5).
User Commands 06/24/2011 CHAGE(1)