Visit Our UNIX and Linux User Community


Force user to use ssh/prevent telnet access


 
Thread Tools Search this Thread
Top Forums UNIX for Dummies Questions & Answers Force user to use ssh/prevent telnet access
# 1  
Old 09-21-2009
Force user to use ssh/prevent telnet access

I have just set up a user on our system HP-Thru64. The user needs to be able to su to root after they login and this works fine. Users cannot login from root externally so you have to first connect as a user and then su. I am wondering is it possible for me to prevent the user from having telnet access over port 23 and force them to use port 22. Currently a user can login in using regular telnet and then su which I figure is dangerous, I would like them to have to use ssh (port 22).

Also is it possible to force a user to have ftp access only, actually I should say sftp.

Thanks in advance
# 2  
Old 09-21-2009
Easiest would be to turn off telnetd and ftpd. So all are forced to use the more secure ssh/scp/sftp.
# 3  
Old 09-21-2009
Thanks Zaxxon
Unfortunately I can't force that decision. Is it not possible what I am trying to do?

Regards
# 4  
Old 09-21-2009
Another option would be to enable public key authentication, give those users their key-pair, and a week later set their passwords to some random string, re-set every hour or so.
# 5  
Old 09-21-2009
Quote:
Originally Posted by peragin
Thanks Zaxxon
Unfortunately I can't force that decision. Is it not possible what I am trying to do?

Regards
If you can't force that decision, it seems odd you'd be allowed to force the exact same one just by using completely different means...
 

Previous Thread | Next Thread
Test Your Knowledge in Computers #922
Difficulty: Easy
Unix time can be extended backwards from the epoch using negative numbers.
True or False?

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Prevent user from creating new user from his login

Hi Experts, Need your support Redhat 6.5 I want to create a user with all(read, write, execute) privileges except that user should not be able to create any new user from his login to perform any task. (10 Replies)
Discussion started by: as7951
10 Replies

2. IP Networking

Force SSH session without/disabling X11 forwarding.

I would like to disable X11 session forcefully. I have tried the following things: 1. Setting appropriate DISPLAY variable in the /etc/environment file to be "0.0" 2. I have tried setting the sshd_config parameter X11Forwarding to be "no" This session communication is happening by exchanging... (2 Replies)
Discussion started by: vaibhavvsk
2 Replies

3. Shell Programming and Scripting

Expect script that simulates a SSH brute force attack

I want to test the effectiveness of sshguard on some of my systems so I'm trying to write a script that simulates a brute force attack by sending a bunch of different username and password combinations to the servers being tested. So far I have this: #!/usr/local/bin/expect set timeout 3... (5 Replies)
Discussion started by: ph0enix
5 Replies

4. Red Hat

Force ssl/ssh to use the hosts file

does anyone know how to force ssh/ssl to use the hosts file instead of DNS? I have disabled the DNS servers but ssh still will not resolve a host in the hosts file. thanks in advance for the help! DS (3 Replies)
Discussion started by: derrell simpson
3 Replies

5. AIX

Disabling SSH direct access for an AIX user

Hello everyone, Can anyone help me please. I want to disable SSH direct access for an AIX user. For example, if I have USER1 and USER2. I want to disactivate direct access for USER2. The user must enter his login (USER1) and his password and then he can do su - USER2 . Thanks, (3 Replies)
Discussion started by: adilyos
3 Replies

6. Shell Programming and Scripting

ssh key based authentication - force

Hi Team, we have problem with sftp. Though SA team has setup the keys between 2 server, sftp still prompts for the password. After many attempt to rectify the problem, SA has asked us force the SSH key based authentication by using following command. sftp2 --indetity="folder/private_key"... (6 Replies)
Discussion started by: ace_friends22
6 Replies

7. UNIX for Advanced & Expert Users

Parallel access - how to prevent

I have one shell script which is being accessed by many jobs at same time. I want to make the script such that , other job should wait for the script if script is being used by some other job. Is there any way to implement it in script level ? Gops (1 Reply)
Discussion started by: Gopal_Engg
1 Replies

8. Shell Programming and Scripting

prevent ssh from executing result in shell

Hi, I am writing a script on Solaris 10 and want to execute a remote ssh command. Normally this command should just return the value 0000000000002356 but when using ssh it seems it is passing the result to the shell to execute. ssh root@10.5.112.145 `/usr/bin/nawk -F\, '$1=="USG" && $2=="01"... (3 Replies)
Discussion started by: borderblaster
3 Replies

9. Cybersecurity

SSH - prevent roaming around the server

Hi, We have a user who needs to connect to us over the internet using an ssh client. We use HP-UX 11.00. We set up a home directory with login and password for them. We would not want to give them full roaming access for the server ie, they should not be able to cd up the directory tree. ... (2 Replies)
Discussion started by: Bab00shka
2 Replies

10. UNIX for Advanced & Expert Users

User Access Problem: Via Telnet or even Console

Just took over a UNIX Server from someone who left our company. Having problems with access by some existing users as well as new users. I get the following message from telnet sessions, when attempting access at the "Login:" prompt: "UX:in.login:ERRO: Login incorrect" "telnetd:Unable to... (2 Replies)
Discussion started by: Vincent Garcia
2 Replies

Featured Tech Videos