HPE Community
Operating System - HP-UX
1832973 Members
2669 Online
110048 Solutions
New Discussion

Re: Multiple Telnet Sessions by one user

 
SOLVED
Go to solution
Darrell Albee
Advisor

‎12-05-2001 01:05 PM

‎12-05-2001 01:05 PM

Multiple Telnet Sessions by one user

Is there a way (probably by a script) to limit a users number of connections by I/P address. Here, all users login at the unix level with the same user id and within our software is where we have user specific security setup. The problem we are having is, within our software we have a specific number of licenses and at the unix level we have unlimited. We keep running out of licenses in our software because of users logging into the system more than once through the network. Does anyone have any suggestions?
0 Kudos
Reply
10 REPLIES 10
Sanjay_6
Honored Contributor

‎12-05-2001 01:09 PM

‎12-05-2001 01:09 PM

Re: Multiple Telnet Sessions by one user

Hi Darrell,

I don't think there is any easy way to do this.

Thanks
0 Kudos
Reply
G. Vrijhoeven
Honored Contributor

‎12-05-2001 01:11 PM

‎12-05-2001 01:11 PM

Re: Multiple Telnet Sessions by one user

Hi,

when a user logs in the .profile is run. You can build in a check like this:

TEST=`ps -u `logname` | grep application_name`
if [ "$TEST" -eq "" ]
then
exit 0
fi

Hope this will help,

Gideon
0 Kudos
Reply
Darrell Allen
Honored Contributor

‎12-05-2001 01:11 PM

‎12-05-2001 01:11 PM

Re: Multiple Telnet Sessions by one user

Hi Darrell,

What a great first name!

Here's some threads to check:

http://forums.itrc.hp.com/cm/QuestionAnswer/1,,0x101372106351d5118fef0090279cd0f9,00.html

http://forums.itrc.hp.com/cm/QuestionAnswer/1,,0xb16b972194d6d5118ff40090279cd0f9,00.html

I'm sure you can find more using the search feature. And you can also go to search.hp.com where you might get more hits.

Darrell
"What, Me Worry?" - Alfred E. Neuman (Mad Magazine)
0 Kudos
Reply
Craig Rants
Honored Contributor

‎12-05-2001 01:13 PM

‎12-05-2001 01:13 PM

Re: Multiple Telnet Sessions by one user

Not by IP, but you could by userid. However, necessity is the mother of all invention. I'm sure that you probably can figure something out.

Good Luck,
C
"In theory, there is no difference between theory and practice. But, in practice, there is. " Jan L.A. van de Snepscheut
0 Kudos
Reply
Sridhar Bhaskarla
Honored Contributor

‎12-05-2001 01:14 PM

‎12-05-2001 01:14 PM

Re: Multiple Telnet Sessions by one user

Hi,

Keep this small script in your /etc/profile

This will not allow more than two telnet sessions.

NO=`who -R |grep $LOGNAME|wc -l`
if [ $NO -ge 2 ]
then
echo "You are not allowed to telnet more than twice"
exit 1
fi

-Sri
You may be disappointed if you fail, but you are doomed if you don't try
0 Kudos
Reply
Sridhar Bhaskarla
Honored Contributor

‎12-05-2001 01:18 PM

‎12-05-2001 01:18 PM

Solution

Re: Multiple Telnet Sessions by one user

Ooops.. You wanted by IP.. you can modify the same script like this.

IP=`who -mR |awk '{FS="(";print $2}'|awk '{FS=")";print $1}'`
NO=`who -R |grep $IP|wc -l`
if [ $NO -ge 2 ]
then
echo "You are not allowed to login more than twice
from $IP"
exit 1
fi

-Sri

You may be disappointed if you fail, but you are doomed if you don't try
Reply
James R. Ferguson
Acclaimed Contributor

‎12-05-2001 01:19 PM

‎12-05-2001 01:19 PM

Re: Multiple Telnet Sessions by one user

Hi Darrell:

Since you indicate that every user uses the same login, you will have to track by IPAddress or hostname.

Consider adding a snippet of code to /etc/profile that runs 'last' and looks for a match against 'who -m' and if matched, exits.

Regards!

...JRF...
0 Kudos
Reply
Sanjay_6
Honored Contributor

‎12-05-2001 01:19 PM

‎12-05-2001 01:19 PM

Re: Multiple Telnet Sessions by one user

Guys,

He does not want to restrict the userid since all his users use the same user id. He wants to restrict multiple login from a particular ip workstation. Say only two telnet logins from any workstation. If more than two telnet sessions from a single ip, it should block/exit that telnet session.

Thanks


0 Kudos
Reply
G. Vrijhoeven
Honored Contributor

‎12-05-2001 01:25 PM

‎12-05-2001 01:25 PM

Re: Multiple Telnet Sessions by one user

Hi,

ok just add :

TEST=`ps -ef | grep application | wc -l`
if [ $TEST -lt n ]
n=number of licenses

Gideon
0 Kudos
Reply
Darrell Allen
Honored Contributor

‎12-05-2001 01:59 PM

‎12-05-2001 01:59 PM

Re: Multiple Telnet Sessions by one user

Hi again,

Sri has your answer. Personally I like using who -u because you can get the IP with awk using {print $NF}

You may also want to grep the who output for the common login in case some are allowed to login as the common user as well as a normal account.

Darrell
"What, Me Worry?" - Alfred E. Neuman (Mad Magazine)
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.