https://community.hpe.com/t5/operating-system-hp-ux/restrict-access-to-telnet/m-p/2595771#M33353 inetd.sec don't permit use username or I don't use it Tue, 16 Oct 2001 14:27:00 GMT Andres Martinez 2001-10-16T14:27:00Z https://community.hpe.com/t5/operating-system-hp-ux/restrict-access-to-telnet/m-p/2595765#M33347 How can I restrict access to telnet by user name but other user can access by su<BR /><BR />Thanks in advance Tue, 16 Oct 2001 13:25:12 GMT https://community.hpe.com/t5/operating-system-hp-ux/restrict-access-to-telnet/m-p/2595765#M33347 Andres Martinez 2001-10-16T13:25:12Z https://community.hpe.com/t5/operating-system-hp-ux/restrict-access-to-telnet/m-p/2595766#M33348 You want to restrict users from using telnet on a machine or to a machine. By referencing "su", I'm assuming you are talking about using telnet on a machine to get to another. You could change the permissions on telnet, which should be r-xr-xr-x right now, to r-x------. Tue, 16 Oct 2001 13:31:47 GMT https://community.hpe.com/t5/operating-system-hp-ux/restrict-access-to-telnet/m-p/2595766#M33348 harry d brown jr 2001-10-16T13:31:47Z https://community.hpe.com/t5/operating-system-hp-ux/restrict-access-to-telnet/m-p/2595767#M33349 No, I want that user named notelnet (by example) can't make telnet, but user named pepe (by example) can make telnet and can make su notelnet from his session. Tue, 16 Oct 2001 13:47:32 GMT https://community.hpe.com/t5/operating-system-hp-ux/restrict-access-to-telnet/m-p/2595767#M33349 Andres Martinez 2001-10-16T13:47:32Z https://community.hpe.com/t5/operating-system-hp-ux/restrict-access-to-telnet/m-p/2595768#M33350 Change the permissions to r-xr-x--- (chmod 550), then change the group to "telnets" (chgrp telnets /usr/bin/telnet). Add the users you want to the "telnets" group in /etc/group.<BR /><BR />Now if you want to restrict users from telnetting into your machine use inetd.sec (see man pages). Tue, 16 Oct 2001 13:53:38 GMT https://community.hpe.com/t5/operating-system-hp-ux/restrict-access-to-telnet/m-p/2595768#M33350 harry d brown jr 2001-10-16T13:53:38Z https://community.hpe.com/t5/operating-system-hp-ux/restrict-access-to-telnet/m-p/2595769#M33351 Harry,<BR />it also possible as U say to use inetd.sec to restirct of using telnet fo some users.<BR />Andres, U need to create this file inetd.sec onder /var/adm, inh this file u can put the name of the user or the ip adr.of his pc to prevent hem from using telnet example<BR /><BR />telnet deny (username or ip adres.)<BR />regards,<BR />Hamdy<BR /> Tue, 16 Oct 2001 14:10:47 GMT https://community.hpe.com/t5/operating-system-hp-ux/restrict-access-to-telnet/m-p/2595769#M33351 Hamdy Al-Sebaey 2001-10-16T14:10:47Z https://community.hpe.com/t5/operating-system-hp-ux/restrict-access-to-telnet/m-p/2595770#M33352 Hamdy,<BR /><BR />I think he is talking about a user logged into serverA trying to execute a telnet to another server.<BR /><BR />If he is talking about restricting someone from logging into serverA using telnet, then he needs to use the inetd.sec file in /var/adm/.<BR /><BR />harry Tue, 16 Oct 2001 14:26:22 GMT https://community.hpe.com/t5/operating-system-hp-ux/restrict-access-to-telnet/m-p/2595770#M33352 harry d brown jr 2001-10-16T14:26:22Z https://community.hpe.com/t5/operating-system-hp-ux/restrict-access-to-telnet/m-p/2595771#M33353 inetd.sec don't permit use username or I don't use it Tue, 16 Oct 2001 14:27:00 GMT https://community.hpe.com/t5/operating-system-hp-ux/restrict-access-to-telnet/m-p/2595771#M33353 Andres Martinez 2001-10-16T14:27:00Z https://community.hpe.com/t5/operating-system-hp-ux/restrict-access-to-telnet/m-p/2595772#M33354 Hello Andres,<BR /><BR />if I got you right, you will have to enter something into ALL login scripts (TELNET,RLOGIN,XDMCP) and in there do something like:<BR /><BR />case "$0" in<BR /> -su|su) echo ok ;;<BR /> *) echo "no"; exit 1 ;;<BR />esac<BR /><BR />HTH,<BR />Wodisch Tue, 16 Oct 2001 14:29:54 GMT https://community.hpe.com/t5/operating-system-hp-ux/restrict-access-to-telnet/m-p/2595772#M33354 Wodisch 2001-10-16T14:29:54Z