HPE Community
Operating System - HP-UX
1836636 Members
1990 Online
110102 Solutions
New Discussion

Re: access via X

 
SOLVED
Go to solution
Piotr Pyda
Advisor

‎12-04-2005 09:11 PM

‎12-04-2005 09:11 PM

access via X

I have 11.11, how to limit access via X to server ?
0 Kudos
6 REPLIES 6
Robert-Jan Goossens_1
Honored Contributor

‎12-04-2005 09:15 PM

‎12-04-2005 09:15 PM

Re: access via X

Hi Piotr,

Check this doc.

Title: Several options to prevent login to CDE
Document ID: CDEKBRC00006846

http://www4.itrc.hp.com/service/cki/docDisplay.do?docLocale=en_US&docId=200000080093577

Regards,
Robert-Jan
0 Kudos
Piotr Pyda
Advisor

‎12-04-2005 11:35 PM

‎12-04-2005 11:35 PM

Re: access via X

Changes did't help.
Still I can login to server, I use log in direct via REFLECION
0 Kudos
Peter Godron
Honored Contributor

‎12-05-2005 01:22 AM

‎12-05-2005 01:22 AM

Re: access via X

Piotr,
what are you trying to limit access to?
Only X sessions allowed to connect?
0 Kudos
Joel Girot
Trusted Contributor

‎12-05-2005 07:23 PM

‎12-05-2005 07:23 PM

Solution

Re: access via X

Hi Piotr,

To limit access by host, see /etc/dt/config/Xaccess file.
This file contains a list of host names which are allowed or denied XDMCP connection access to this machine.
example :
hpjg.gvr.com # grant service to this host
!* # denied service to all others remote displays

To limit access by user, see /etc/dt/config/Xstartup file and add limitation like this :
#only root can use DCE
case "$USER" in
root)
: # do nothing
;;
*)
exit 1
;;
esac
###############################

and add file /etc/dt/config/Xsession.d/0001.nologin :
#!/usr/bin/ksh

#only root can use DCE
case "$USER" in
root)
: # do nothing
;;
*)
/usr/dt/bin/dterror.ds \
'Login to CDE denied for this user\n' \
'nologin' \
'OK'
exit 1
;;
esac
###############################

Rgds, Joel.
0 Kudos
Piotr Pyda
Advisor

‎12-05-2005 08:55 PM

‎12-05-2005 08:55 PM

Re: access via X

it's OK, Thanks for help
0 Kudos
Piotr Pyda
Advisor

‎12-05-2005 08:59 PM

‎12-05-2005 08:59 PM

Re: access via X

.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.