HPE Community
Operating System - HP-UX
1833589 Members
3815 Online
110061 Solutions
New Discussion

Re: restrict access to telnet

 
SOLVED
Go to solution
Andres Martinez
New Member

‎10-16-2001 06:25 AM

‎10-16-2001 06:25 AM

restrict access to telnet

How can I restrict access to telnet by user name but other user can access by su

Thanks in advance
0 Kudos
Reply
7 REPLIES 7
harry d brown jr
Honored Contributor

‎10-16-2001 06:31 AM

‎10-16-2001 06:31 AM

Re: restrict access to telnet

You want to restrict users from using telnet on a machine or to a machine. By referencing "su", I'm assuming you are talking about using telnet on a machine to get to another. You could change the permissions on telnet, which should be r-xr-xr-x right now, to r-x------.
Live Free or Die
0 Kudos
Reply
Andres Martinez
New Member

‎10-16-2001 06:47 AM

‎10-16-2001 06:47 AM

Re: restrict access to telnet

No, I want that user named notelnet (by example) can't make telnet, but user named pepe (by example) can make telnet and can make su notelnet from his session.
0 Kudos
Reply
harry d brown jr
Honored Contributor

‎10-16-2001 06:53 AM

‎10-16-2001 06:53 AM

Re: restrict access to telnet

Change the permissions to r-xr-x--- (chmod 550), then change the group to "telnets" (chgrp telnets /usr/bin/telnet). Add the users you want to the "telnets" group in /etc/group.

Now if you want to restrict users from telnetting into your machine use inetd.sec (see man pages).
Live Free or Die
0 Kudos
Reply
Hamdy Al-Sebaey
Regular Advisor

‎10-16-2001 07:10 AM

‎10-16-2001 07:10 AM

Re: restrict access to telnet

Harry,
it also possible as U say to use inetd.sec to restirct of using telnet fo some users.
Andres, U need to create this file inetd.sec onder /var/adm, inh this file u can put the name of the user or the ip adr.of his pc to prevent hem from using telnet example

telnet deny (username or ip adres.)
regards,
Hamdy
Thanks for sharing knowledge
0 Kudos
Reply
harry d brown jr
Honored Contributor

‎10-16-2001 07:26 AM

‎10-16-2001 07:26 AM

Re: restrict access to telnet

Hamdy,

I think he is talking about a user logged into serverA trying to execute a telnet to another server.

If he is talking about restricting someone from logging into serverA using telnet, then he needs to use the inetd.sec file in /var/adm/.

harry
Live Free or Die
0 Kudos
Reply
Andres Martinez
New Member

‎10-16-2001 07:27 AM

‎10-16-2001 07:27 AM

Re: restrict access to telnet

inetd.sec don't permit use username or I don't use it
0 Kudos
Reply
Wodisch
Honored Contributor

‎10-16-2001 07:29 AM

‎10-16-2001 07:29 AM

Solution

Re: restrict access to telnet

Hello Andres,

if I got you right, you will have to enter something into ALL login scripts (TELNET,RLOGIN,XDMCP) and in there do something like:

case "$0" in
-su|su) echo ok ;;
*) echo "no"; exit 1 ;;
esac

HTH,
Wodisch
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.