https://community.hpe.com/t5/operating-system-hp-ux/remote-login-user-characteristics/m-p/3383380#M747409 HI everyone,<BR /><BR />I've been doing some searches and found a couple of threads similar to this one : <BR /><A href="http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=469590" target="_blank">http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=469590</A><BR /><BR />but unfortunately, I was looking more for somehting that equates to the "REMOTE LOGIN ALLOWED" characteristic on AIX. <BR /><BR />Does anyone know if that is AIX specific.. or is there a file somewhere that could contain this security feature? <BR /><BR />Thanks<BR /><BR />Marco Tue, 21 Sep 2004 10:02:17 GMT Marco Santerre 2004-09-21T10:02:17Z https://community.hpe.com/t5/operating-system-hp-ux/remote-login-user-characteristics/m-p/3383380#M747409 HI everyone,<BR /><BR />I've been doing some searches and found a couple of threads similar to this one : <BR /><A href="http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=469590" target="_blank">http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=469590</A><BR /><BR />but unfortunately, I was looking more for somehting that equates to the "REMOTE LOGIN ALLOWED" characteristic on AIX. <BR /><BR />Does anyone know if that is AIX specific.. or is there a file somewhere that could contain this security feature? <BR /><BR />Thanks<BR /><BR />Marco Tue, 21 Sep 2004 10:02:17 GMT https://community.hpe.com/t5/operating-system-hp-ux/remote-login-user-characteristics/m-p/3383380#M747409 Marco Santerre 2004-09-21T10:02:17Z https://community.hpe.com/t5/operating-system-hp-ux/remote-login-user-characteristics/m-p/3383381#M747410 If you can explain us what exactly your "REMOTE LOGIN ALLOWED" achieves in AIX, I am sure forum folks can come up with good suggestions :-) Tue, 21 Sep 2004 10:22:40 GMT https://community.hpe.com/t5/operating-system-hp-ux/remote-login-user-characteristics/m-p/3383381#M747410 Sundar_7 2004-09-21T10:22:40Z https://community.hpe.com/t5/operating-system-hp-ux/remote-login-user-characteristics/m-p/3383382#M747411 I apologize for not explaining.. <BR /><BR />The remote login characteristic in AIX basically stops someone from logging in using that User ID from anywhere remote (rsh, telnet, etc.. ) but doesn't stop it from local (ex. console, and applications using that User ID) <BR /><BR />As I mentionned I followed a couple of threads that discussed forcing su for generic IDs.. and it goes along that line but, in AIX, they get that with a User characteristic.. was wondring if the same thing can be found on HP-UX.. Tue, 21 Sep 2004 10:44:54 GMT https://community.hpe.com/t5/operating-system-hp-ux/remote-login-user-characteristics/m-p/3383382#M747411 Marco Santerre 2004-09-21T10:44:54Z https://community.hpe.com/t5/operating-system-hp-ux/remote-login-user-characteristics/m-p/3383383#M747412 For root, you have /etc/securetty file that you can use to restrict the terminals from which root is allowed to login.<BR /><BR />But for other normal users, there is no direct straight-forward way to achieve this.<BR /><BR />You might have to do little scripting.<BR /><BR />You can try somehting like this<BR /><BR /># vi /etc/profile<BR />..<BR />..<BR />grep -q "^$LOGNAME" /etc/RES_USRS &gt; /dev/null 2&gt;&amp;1<BR />if [ $? -eq 0 ]<BR />then<BR /> grep "^$LOGNAME" /etc/RES_USRS | grep -q `tty` &gt;/dev/null 2&gt;&amp;1<BR /> if [ $? -ne 0 ]<BR /> then<BR /> echo "User $LOGNAME is not allowed to login from Terminal: `tty`"<BR /> exit 1<BR /> fi<BR />fi<BR /><BR />#<BR /><BR /># vi /etc/RES_USRS<BR />user1 /dev/console /dev/term01 /dev/term02<BR />user2 /dev/console<BR />user3 /dev/term03<BR />..<BR />..<BR />#<BR /><BR />But note, if the user's login shell is CSH, /etc/profile wont be executed and thus the user can remote login to the system.<BR /> Tue, 21 Sep 2004 11:18:45 GMT https://community.hpe.com/t5/operating-system-hp-ux/remote-login-user-characteristics/m-p/3383383#M747412 Sundar_7 2004-09-21T11:18:45Z