HPE Community
Operating System - HP-UX
1855729 Members
7221 Online
104103 Solutions
New Discussion

Re: Config Autherative host for root access

 
Niraj Kumar Verma
Trusted Contributor

‎03-20-2003 08:51 PM

‎03-20-2003 08:51 PM

Config Autherative host for root access

Hi,

I have 10 HP-UX servers, I wanted to confuigure a autherative host for root login.

I mean I wanted to allow the root login to these hp-ux servers only from the autherative host(xxx.xxx.xxx.xxx) and not from any machine ip.

Can any one help me in achiving this ??? I know OS version is not neede bet i still give some info.

========================
# uname -a
HP-UX HPHOST1 B.11.11 U 9000/800 12345678 unlimited-user license

Thanks & Regards
-Niraj
Niraj.Verma@philips.com
0 Kudos
Reply
6 REPLIES 6
RAC_1
Honored Contributor

‎03-20-2003 09:01 PM

‎03-20-2003 09:01 PM

Re: Config Autherative host for root access

You have few options here.

1 Code in /etc/profile.
user=`LOGNAME`
ip=autherative host ip

if [ $user=root -a $ip="autherative host ip" ]
then
echo "Root allowed from $ip"
else
echo "No root login other than authorative ip"
exit
fi

2 Install tcp wrappers.

3 add telnet service as some other name. Allow this service only from authorative ip.
There is no substitute to HARDWORK
0 Kudos
Reply
Niraj Kumar Verma
Trusted Contributor

‎03-20-2003 09:03 PM

‎03-20-2003 09:03 PM

Re: Config Autherative host for root access

Hi Anil,

I have tcpwrapper installed,
can you specify what is the configuration of hosts.allow or hosts.deny to config the autherative host.

Thanks

-Niraj
Niraj.Verma@philips.com
0 Kudos
Reply
RAC_1
Honored Contributor

‎03-20-2003 09:20 PM

‎03-20-2003 09:20 PM

Re: Config Autherative host for root access

Never used that, but it is like

service.allow ip

where service = telnet,ftp etc
allow - allow
ip allow from this ip. ALL is allow for all.
There is no substitute to HARDWORK
0 Kudos
Reply
Niraj Kumar Verma
Trusted Contributor

‎03-20-2003 09:32 PM

‎03-20-2003 09:32 PM

Re: Config Autherative host for root access

hi,

As per my knowledge goes i can only restrict the services which are there in /etc/services using tcp wrapper, and not the user login control.


coming to your first suggesation .profile

How do I get the IP of the machine which is doing telnet during login time ? so that I can check against my specified IP.

regarding your 3 opting , I cannot implement it because
machine is a production machine used by several users.

Thnaks for the reply.
-Niraj
Niraj.Verma@philips.com
0 Kudos
Reply
Niraj Kumar Verma
Trusted Contributor

‎03-21-2003 01:39 AM

‎03-21-2003 01:39 AM

Re: Config Autherative host for root access

Hello experts,

any help on my question ???

regards
-Niraj
Niraj.Verma@philips.com
0 Kudos
Reply
Niraj Kumar Verma
Trusted Contributor

‎03-23-2003 06:22 PM

‎03-23-2003 06:22 PM

Re: Config Autherative host for root access

Hello experts,

any help on my question ???

regards
-Niraj
Niraj.Verma@philips.com
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.