HPE Community
Operating System - HP-UX
1826616 Members
3183 Online
109695 Solutions
New Discussion

Re: providing specific privilages to the user's

 
gany59
Regular Advisor

‎01-15-2011 11:01 PM

‎01-15-2011 11:01 PM

providing specific privilages to the user's

Hello Guru's
I need to provide SSH access for the user called naraguna, and telnet access for some 3 to 4 users and need to deny direct root login either by SSH and telnet..

Please help me to get this clear..

Thanks in advance!!!!
0 Kudos
5 REPLIES 5
Manix
Honored Contributor

‎01-16-2011 01:48 AM

‎01-16-2011 01:48 AM

Re: providing specific privilages to the user's

Just enter 'console' in /etc/securetty and root will not be able to telnet.

If you want to block root access via SSH overall, you should set

PermitRootLogin No

in your sshd_config file.

in your sshd_config file. The location of this file varies depending on your installation of SSH. This will disallow direct SSH to the server as the root user

/sbin/init.d/sshd stop
/sbin/init.d/sshd start

let me know if it works for you.
HP-UX been always lovable - Mani Kalra
0 Kudos
nijokj
Trusted Contributor

‎01-16-2011 02:43 AM

‎01-16-2011 02:43 AM

Re: providing specific privilages to the user's

For your two querys manix alraedy given answer.

For telnet as per my understanding you can't put restritions for particular user, But you can do it on host or network level by customising /var/inetd.sec.

Customize the /var/adm/inetd.sec file to selectively allow or deny telnet access to various hosts on the network.

Telnet allow 128.1.*.* 128.2.1-8.* host1 host2 host3 host4

After editing this file issue
inetd -c command
Continually monitor the syslog and /var/adm/btmp file for failed telnet login attemps.

0 Kudos
gany59
Regular Advisor

‎01-16-2011 10:56 PM

‎01-16-2011 10:56 PM

Re: providing specific privilages to the user's

thanks,

So is there any possible way to provide the SSH access for a specific user and disable telnet for a specific user.

From the above reply i got the things clear and it works also.

please try to help on this question too.. :)
0 Kudos
nijokj
Trusted Contributor

‎01-16-2011 11:16 PM

‎01-16-2011 11:16 PM

Re: providing specific privilages to the user's

For giving limited access to some users

You do this by adding a line like this to /opt/ssh/etc/sshd_config


AllowUsers user1 user2

Restart sshd after making this change (you can even do that if you are currently logged in over ssh). Only those users will be allowd ssh access.

also refer the man pages of sshd_config
0 Kudos
gany59
Regular Advisor

‎01-17-2011 02:53 AM

‎01-17-2011 02:53 AM

Re: providing specific privilages to the user's

Thanks all for ur valuable response... :(
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.