- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: file server access control
Operating System - HP-UX
1753521
Members
6243
Online
108795
Solutions
Forums
Categories
Company
Local Language
юдл
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
юдл
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-20-2000 02:29 AM
тАО07-20-2000 02:29 AM
file server access control
Hi,
How can I prevent the regular users of my file server from telnet, rlogin..etc? They only can mount their home directory from file server. But administrators still can get through it by those services.
Thanks,
How can I prevent the regular users of my file server from telnet, rlogin..etc? They only can mount their home directory from file server. But administrators still can get through it by those services.
Thanks,
3 REPLIES 3
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-20-2000 02:57 AM
тАО07-20-2000 02:57 AM
Re: file server access control
Hi,
Several possibilities:
- You could use the file /var/adm/inetd.sec to restrict access to those service if coming from certain hosts (cfr manpage inetd.sec(4)). This also means that administrators will not be able to use the services from a 'normal user's' host.
- You could specify /bin/false as the login shell for those users not allowed to login. They would still be able to use the telnet, ... services, but they cannot login using their username.
Hope this helps,
Rik
Several possibilities:
- You could use the file /var/adm/inetd.sec to restrict access to those service if coming from certain hosts (cfr manpage inetd.sec(4)). This also means that administrators will not be able to use the services from a 'normal user's' host.
- You could specify /bin/false as the login shell for those users not allowed to login. They would still be able to use the telnet, ... services, but they cannot login using their username.
Hope this helps,
Rik
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-20-2000 03:20 AM
тАО07-20-2000 03:20 AM
Re: file server access control
I agree with Rik. I would start by disabling all services on the server that are not required in the /etc/inetd.conf file.
some of the services that are not usually required are: finger, exec, uucp, inetd internal services (daytime time echo discard chargen), and rpc services.
After you have made those changes, modify the /var/adm/inetd.sec file to either allow certain hosts or networks access or deny certain hosts or networks access.
Good Luck,
Brian
<*(((>< er
some of the services that are not usually required are: finger, exec, uucp, inetd internal services (daytime time echo discard chargen), and rpc services.
After you have made those changes, modify the /var/adm/inetd.sec file to either allow certain hosts or networks access or deny certain hosts or networks access.
Good Luck,
Brian
<*(((>< er
Perception IS Reality
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-20-2000 07:59 AM
тАО07-20-2000 07:59 AM
Re: file server access control
Do not forget to recycle the inetd daemon after modification: inetd -c
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
News and Events
Support
© Copyright 2024 Hewlett Packard Enterprise Development LP