https://community.hpe.com/t5/operating-system-linux/hosts-allow-and-username-lookup/m-p/3018676#M5581 perhaps editing /etc/security/access.conf<BR />will help you to solve your problem.<BR />you can specify if a specific user/group can/can't login from specific machine<BR />see the file for examples. Wed, 09 Jul 2003 08:59:31 GMT Alexander Chuzhoy 2003-07-09T08:59:31Z https://community.hpe.com/t5/operating-system-linux/hosts-allow-and-username-lookup/m-p/3018674#M5579 Hi all!<BR />Is it possible to restrict the use of a daemon to a specific user on a specific host?<BR />For example:<BR />allow telnet connection from 10.10.10.1 for user root only.<BR /><BR />P.S. /etc/hosts.allow: "in.telnetd: root@10.10.10.1" does not work. <BR /><BR />Sergejs Wed, 09 Jul 2003 05:53:01 GMT https://community.hpe.com/t5/operating-system-linux/hosts-allow-and-username-lookup/m-p/3018674#M5579 Sergejs Svitnevs 2003-07-09T05:53:01Z https://community.hpe.com/t5/operating-system-linux/hosts-allow-and-username-lookup/m-p/3018675#M5580 edit the deamon-specific file in /etc/xinetd.d/,<BR />adding the line 'only_from = <IP> ... <IP>'.<BR /><BR />this lets you to filter specific ip addresses.<BR /><BR />regarding the users, I think you should work on the configuration of the specific deamon. xinetd manages only the network connections.<BR /><BR />look at man xinetd.conf, man xinetd<BR /><BR />Ciao<BR />Claudio</IP></IP> Wed, 09 Jul 2003 06:29:15 GMT https://community.hpe.com/t5/operating-system-linux/hosts-allow-and-username-lookup/m-p/3018675#M5580 Claudio Cilloni 2003-07-09T06:29:15Z https://community.hpe.com/t5/operating-system-linux/hosts-allow-and-username-lookup/m-p/3018676#M5581 perhaps editing /etc/security/access.conf<BR />will help you to solve your problem.<BR />you can specify if a specific user/group can/can't login from specific machine<BR />see the file for examples. Wed, 09 Jul 2003 08:59:31 GMT https://community.hpe.com/t5/operating-system-linux/hosts-allow-and-username-lookup/m-p/3018676#M5581 Alexander Chuzhoy 2003-07-09T08:59:31Z https://community.hpe.com/t5/operating-system-linux/hosts-allow-and-username-lookup/m-p/3018677#M5582 My look at prior threads shows they stop all logins, not for a specific daemon.<BR /><BR />As far as root goes, Linux specifically is configured to prevent root telnet login due to the security hazard.<BR /><BR />Better off with openssh. Exchange public keys and do the login thing without passwords at all.<BR /><BR />Doc attached.<BR /><BR />SEP Wed, 09 Jul 2003 11:01:35 GMT https://community.hpe.com/t5/operating-system-linux/hosts-allow-and-username-lookup/m-p/3018677#M5582 Steven E. Protter 2003-07-09T11:01:35Z https://community.hpe.com/t5/operating-system-linux/hosts-allow-and-username-lookup/m-p/3018678#M5583 Alexander,<BR />I have placed in /etc/pam.d/login the following line: account required /lib/security/pam_access.so. Then in /etc/security/access.conf placed:<BR />-:ALL EXCEPT root:10.10.10.1<BR /><BR />It doesn`t seems to work.<BR />Anyone out there who has successfully implemented /etc/security/access.conf?<BR /><BR />Sergejs Wed, 09 Jul 2003 12:13:12 GMT https://community.hpe.com/t5/operating-system-linux/hosts-allow-and-username-lookup/m-p/3018678#M5583 Sergejs Svitnevs 2003-07-09T12:13:12Z https://community.hpe.com/t5/operating-system-linux/hosts-allow-and-username-lookup/m-p/3018679#M5584 sorry,bro<BR />I forgot to mention<BR />you should also add a line in<BR />/etc/pam.d/login<BR />right after the "account" line<BR />it should look like this<BR />account required pam_access.so<BR /><BR />do it and it will work Wed, 09 Jul 2003 14:05:41 GMT https://community.hpe.com/t5/operating-system-linux/hosts-allow-and-username-lookup/m-p/3018679#M5584 Alexander Chuzhoy 2003-07-09T14:05:41Z