HPE Community
Operating System - HP-UX
1833105 Members
3146 Online
110051 Solutions
New Discussion

Re: restricted telnet access

 
SOLVED
Go to solution
Paul Barmettler
Frequent Advisor

‎02-01-2005 03:09 AM

‎02-01-2005 03:09 AM

restricted telnet access

how can telnet access for a specified user be restricted?
Situation:
Server filesystem /export/TEST is already exported for everyone.

Problem:
User xxx should obtain access via telnet to directory server:/export/TEST/XXX, and must NOT be allowed to change to parent directory.

thanks for your help
Manuel Maerki
0 Kudos
Reply
5 REPLIES 5
Todd McDaniel_1
Honored Contributor

‎02-01-2005 03:37 AM

‎02-01-2005 03:37 AM

Re: restricted telnet access

Is this in regards to ftp? I know ftpaccess is an excellent way to do this exact thing.


Maybe You could make a unique group and restrict read access to the parent directory...
Unix, the other white meat.
0 Kudos
Reply
Geoff Wild
Honored Contributor

‎02-01-2005 03:54 AM

‎02-01-2005 03:54 AM

Re: restricted telnet access

Make sure that the file system has no world access - say 750 and that the user is not the owner nor in the group that has access to that filesystem.


Rgds...Geoff
Proverbs 3:5,6 Trust in the Lord with all your heart and lean not on your own understanding; in all your ways acknowledge him, and he will make all your paths straight.
0 Kudos
Reply
Victor BERRIDGE
Honored Contributor

‎02-01-2005 03:56 AM

‎02-01-2005 03:56 AM

Solution

Re: restricted telnet access

Hi,
In /etc/passwd, change the login shell to /usr/bin/rksh
(REstricted ksh...)
All the best
Victor
Reply
Edgar Zapata
Esteemed Contributor

‎02-01-2005 09:28 PM

‎02-01-2005 09:28 PM

Re: restricted telnet access

See if this answer from T G Manikanda helps (the credit is all his):

http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=230567

Also check whether the user shell is defined in the /etc/shells file.
The /etc/shell file should look like
/usr/bin/sh
/usr/bin/ksh
Add the user's login shell here.

regards.
0 Kudos
Reply
Shantaram Sahyadri
Frequent Advisor

‎02-01-2005 09:35 PM

‎02-01-2005 09:35 PM

Re: restricted telnet access

Hi,

I had a similar requirement, this is what i did to solve it, there might be better ways of doing it,

in the /etc/passwd file where the login shell is defined I redefined it with another scrip which forks the shell for the user with chroot command. after doing this the user logs in but cannot change directory to a higher level than the users loging directory.

Cheers
Shantaram
If you dont change, you will be extinct
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.