One accout for FTP other to TELNET

Thread Tools Search this Thread
Special Forums Cybersecurity One accout for FTP other to TELNET
# 8  
Old 06-29-2002
Its me again...
Do you know how can we prevent the user that can not access telnet from su also...I mean if I am user X and typed su - Y
(where user Y is the one that can not be used for telnet), I want this change of user to fail.
Thanks in advance
# 9  
Old 06-29-2002
I'm pretty sure that "su - Y" will fail because you would get the same shell and not be able to do anything. But "su Y" is another matter, that will work and there is no easy way to change that.

On SunOS, su does use a facility called pam and it is probably possible to configure pam to do this. I have never used pam, and as I survey the man pages, I tend to think that this approach would be too difficult for you.

One thing that I have seen done is to restrict who can run su at all. This means that user X could not su to user Y. But the price is that user X can no longer use su at all.

To do this:
create a new group called wheel
chgrp wheel /usr/bin/su
chmod 4750 /usr/bin/su

Now anyone who needs to use the su program must be added to the group called wheel.
# 10  
Old 06-29-2002

Thank you very much...I really appreciate your help
# 11  
Old 08-09-2002
Hi again,
If I want to make that account that can be used for ftp only (while can not be used for telnet) bew accessable from other user (i.e., su and su - ) work. How can I do that?
Thank you in advance
Best Regards
# 12  
Old 08-09-2002
You can probably get "su" to work. But "su -" by definition results in the same exact environment that would result from a login. Since you have disabled the account from being able to login, this means that "su -" must fail or it would be broken. You are trying to redefine "su -" to mean something different. To do that you will need to write your version of su. Sorry for the bad news.

But I would expect just plain su to work. What happens when you try?
# 13  
Old 08-09-2002
Thank you very much for your valuable help

When I use "su" it behaves exactly as "su -"?
However, I will check it again just to make sure and inform you...

Thanks again
# 14  
Old 08-16-2002
I discovered a way to make users for telnet only using /etc/profile file where I check if the user is in a file which contain the list of telnet users.

Another question , I appreciate if you can help me, how can I terminate automatically an ftp session if it hangs. As Sun doc. states ftp -T will not end the session?

Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

last 90 days of ftp and telnet

Aix6.1 last | grep ftp shows me only 3 days. last does not show me telnet login or the same as ftp. i'd like to get the last 90 days of users who telnet or ftp to the box. thanks in advance. (3 Replies)
Discussion started by: lawsongeek
3 Replies

2. Solaris


I have a sunfire V240 but nobody seems to know the root password. I can get into ALOM but not console mode. Is there a hack or something that cn get me back into this system lo reload it? (5 Replies)
Discussion started by: dewsdwarfs
5 Replies

3. Shell Programming and Scripting

how to connect to admin accout through script

hi everyone i'm running script in c-shell and i want this script to connect to admin account in order to run other script in k-shell. after that i want the script to be severed from the admin account and to continue with the regular commands example: my script call cs-customers echo"starting... (16 Replies)
Discussion started by: naamas03
16 Replies

4. UNIX for Advanced & Expert Users

diable telnet & ftp

Hi All, I need to stop all the services for telnet & FTP as we want our server to be more secure. Please give me some steps for jumping to SSH protocol. How can i disable telnet & ftp service on my server. (1 Reply)
Discussion started by: pradeep_desh
1 Replies

5. UNIX for Dummies Questions & Answers

Ftp, telnet etc. not operational?

Well I have the programs and everything and the program itself seems to work, but they don't seem to be operateble. I ALWAYS get connection refused on everything. ftp, telnet, rlogin, ssh etc. So it must have something to do with some setting that doesn't allow connections to external hosts or... (6 Replies)
Discussion started by: riwa
6 Replies

6. Shell Programming and Scripting

Automating telnet and ftp

Hi, I want to automate FTP. I have a fair idea that this can be done using expect scripting. But I dont how to do it. Please, can anyone give me an example of how to do it in Unix. Thanks in advance (2 Replies)
Discussion started by: sendhilmani123
2 Replies

7. Linux

ftp telnet enable

hi , i have jsut installed linux 9.0 , but i can not ftp or telnet to the system . i have installed the ftp and the telnet server during installation . i have also configured the files to enable the ftp and telnet , the ftp and the telnet daemons are running , but when i do ftp : ftp... (1 Reply)
Discussion started by: ppass
1 Replies

8. UNIX for Dummies Questions & Answers

Telnet FTP scripting

Hi quick question from a unix newbie Working on a project to get me using unix, the point of this project is to find a printer on the network check for jobs in the printer if the printer has no jobs do nothing if the printer has jobs then check the status for errors and e-mail the user. This... (2 Replies)
Discussion started by: w33man
2 Replies

9. IP Networking

FTP or Telnet

Dumb question I'm sure but how on earth do I transfer files from a sco unix machine to my windows 2000 machine. I'm typing commands on my Win2000 machine. All I can seem to do is move files around on the unix system? (8 Replies)
Discussion started by: Timbash
8 Replies

10. UNIX for Dummies Questions & Answers

Automation of telnet and ftp

I have a basic query. I use telnet and ftp very frequently. I want to do it without spending time in typing username and password everytime. I know that if I have .netrc file which contains server address, username, pasword, then just typing ftp will conect to that server with that username and... (10 Replies)
Discussion started by: asutoshch
10 Replies
Login or Register to Ask a Question