Operating System - HP-UX
1839319 Members
2464 Online
110138 Solutions
New Discussion

Re: how to set telnet user restriction?

 
Joon
Occasional Contributor

how to set telnet user restriction?

Hi

I found telnet session restriction for a server in this forum .but in my case ,it is a little bit different from that.

I want to know how to make telnet restriction for a server.
I mean that only 5 users can access a server and then the ohters cannot access the server through TELNET.
I tried to find out ,but fail to know that.

Does anyone know how to set it up?
please.
jooni
10 REPLIES 10
Tim Adamson_1
Honored Contributor

Re: how to set telnet user restriction?

Hi,

If you only want 5 users to access a server, then only setup 5 user accounts.

Is this what you mean?


Cheers!
Yesterday is history, tomorrow is a mystery, today is a gift. That's why it's called the present.
Michael Tully
Honored Contributor

Re: how to set telnet user restriction?

You could always limit the number of pseudo tty's by only having a certain number of devices in the /dev/pts directory. Just move all but the number you need to another directory, and if need be move them back later.
You could also write a script that runs from /etc/profile which looks for the number of connected users and makes a judgement on whether the number is exceeded or not before allowing or terminating the session.
Anyone for a Mutiny ?
Tim Adamson_1
Honored Contributor

Re: how to set telnet user restriction?

Hi,

As mentioned by Michael, you could restrict the number of device files, but that will still cause problems because anyone can login twice and prevent one of the allowed users from access. Obviously you have more than 5 users too.

I think the best method would be to modify the /etc/profile and only allow the 5 users in and logoff anyone else.

Cheers!
Yesterday is history, tomorrow is a mystery, today is a gift. That's why it's called the present.
twang
Honored Contributor

Re: how to set telnet user restriction?

Insert the following code to /etc/profile and see if it works:

Cnt=`who -uH | cut -f1 -d' ' | wc -l`
echo "Current active sessions = ${Cnt}.";
sleep 1
if [ "${Cnt}" -gt 5 ]
then
echo "nnWarning: Too many concurrent login!"
exit
fi
unset Cnt
Tim Adamson_1
Honored Contributor

Re: how to set telnet user restriction?

Hi,

I have thought of another possibility.

You could only allow telnet access based upon their ip address. The only problem is if you have dhcp for their ip address :-(

To set that up, look at /var/adm/inetd.sec file or refer to the inetd.sec man page.


Cheers!
Yesterday is history, tomorrow is a mystery, today is a gift. That's why it's called the present.
Joon
Occasional Contributor

Re: how to set telnet user restriction?

Hi all

Thanks for your reply so far.

but I don't want to know concurrent user restriction but Telnet user's connection restriction.

My Customer want to know if there is any way to restrict telnet user connection.
Not special IP using inetd.sec or concurent user restriction.

Only 5 user can connect a server through TELNET and the other users cannnot connect the server anymore after 5 user telnet connection.

Hope to explain well.
Thanks in advance.
jooni
Tim Adamson_1
Honored Contributor

Re: how to set telnet user restriction?

Hi,

Hopefully I understand correctly.

If you only want to allow a total of 5 users to be able to telnet to a server, then

On HP-UX 11.0, remove the file /dev/pts/tf. You don't have to remove any others.

That will only allow 5 telnet sessions for the server.

I hope that is what you are wanting.


Cheers!
Yesterday is history, tomorrow is a mystery, today is a gift. That's why it's called the present.
RAC_1
Honored Contributor

Re: how to set telnet user restriction?

man 4 security

This was introduced through patch. This file resides (security)in /etc/default directory.

This has option as NUMBER_OF_LOGINS_ALLOWED to the no of logins you want.

Or as suggested by others you can put code.
There is no substitute to HARDWORK
Joon
Occasional Contributor

Re: how to set telnet user restriction?

Hi

I succeed to restrict user connection through removing /dev/pty/tf (in case of 5 user).thanks.

can you please let me know the script of /etc/profile for restriction telnet user connection?

I cannot find the number of user in the /etc/profile for this case.
jooni
yogesh_4
Regular Advisor

Re: how to set telnet user restriction?

If I understood it correctly...

you can make entry in /var/adm/inetd.sec for
telnet allow i/p for your 5 user and for rest of the usrs you can deny it. For more referance refere man pages of inetd.sec