Re: Disable telnet/ssh login for certain user

Sajjad Ali_1
Occasional Advisor

Re: Disable telnet/ssh login for certain user

Darrel,

Do you have an example of SUDO configuration on who can SU to that user?

Thanks.
Sajjad Ali_1
Occasional Advisor

Re: Disable telnet/ssh login for certain user

Nieuwboer,

Does /etc/profile get executed after a valid username/passwd attempt? The problem I am running into is that people are trying to guess the password of the service account and keep locking it up. I am trying to find a solution where as soon as you type in the username, it will kick you out before a password prompt. I don't think that's possible, is it? Thanks.
Gordon  Morrison
Trusted Contributor

Re: Disable telnet/ssh login for certain user

I don't think that's possible either. I think what you really need is a club to re-program your users with.
What does this button do?
Gordon  Morrison
Trusted Contributor
Solution

Re: Disable telnet/ssh login for certain user

I have designed a club for your users' reprogramming needs. (It may need some tweaking for your environment)
This will catch direct login attempts for a user, but will allow "su -" to that user.
Add the following to the relevant user's .profile :

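# "who am i" reports the name used at the original login, so it still
# shows the real user after "su -" to this account.
uid=$(who am i | awk '{print $1}')
# Replace "username" with the account name and "hostname" with the mail host.
if [[ "$uid" = username ]] ; then
    # Mail the session details to root, then end the session.
    who -u | grep username | mailx -s "Attempted intrusion" root@hostname
    echo ""
    echo "###################"
    echo "Logging in directly as username is prohibited!"
    echo "This attempt has been logged."
    echo "Repeated attempts will result in disciplinary action."
    echo "Please login as yourself, then use su"
    echo "###################"
    echo ""
    exit
fi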

What does this button do?
Mark Nieuwboer
Esteemed Contributor

Re: Disable telnet/ssh login for certain user

Sajjad,

Don't forget to give points.
Mark Nieuwboer
Esteemed Contributor

Re: Disable telnet/ssh login for certain user

Hi Sajjad,

You're right, my solution doesn't prevent them from locking the user. It will prevent logging on as that user. /etc/profile is executed with all attempts of a valid user. Furthermore, you must discipline your people or kick them for trying to hack.
The solution above is a good one.

grtz, Mark