Restricted Telnet

 
Anshumali
Esteemed Contributor

Okay... I am stuck again... :)

What I need is:
Create a user with shell access who should be able to do cd within his home directory only. In other words, chrooting the home directory.
I have followed suggestions in threads but somehow no luck.
The password file looks like:
anstest:*:105:20:Anshu Test Shell,,,:/home/anstest/./:/bin/sh

And the /etc/profile contains:

if [ "$LOGNAME" = anstest ]
then
chroot /home/anstest
fi

What is missing here? Anything else to configure?

OS 11.11

Dreams are not which you see while sleeping, Dreams are which doesnt allow you to sleep while you are chasing for them!!
11 REPLIES
Steven Schweda
Honored Contributor

Re: Restricted Telnet

> what is missing here?

An explanation of what, exactly, "no luck"
means. What happens? What doesn't work?
Ralf Seefeldt
Valued Contributor

Re: Restricted Telnet

Hello Anshumali,

If you use an * in /etc/passwd, unless you don't use a secure system, you disable login for that user.

man passwd

What exactly are your problems? Can you log in? Do you have too many or too little permissions?

Bye
Ralf
Ivan Ferreira
Honored Contributor

Re: Restricted Telnet

I'm not sure if you can do this with telnet; with SSH it is possible, and you should by now use SSH.

The chroot command requires:

1- A chroot environment created
2- A command to execute
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
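
The two requirements listed in the reply above, turned into a pre-flight check to run before `chroot <jail> <command>` (an added example, not part of the original thread or of HP-UX; `check_jail` is a hypothetical helper name). It checks only the jail directory, the command inside it and the write bits on the jail root, not the libraries the command needs.

```shell
#!/bin/sh
# Added example: pre-flight checks for a chroot jail.
# check_jail is a hypothetical helper, not an HP-UX or SSH tool.
# Note: chroot itself can only be run by root, so it has to be invoked
# by a privileged process, not by the confined user's own login shell.

# check_jail JAIL COMMAND
# Prints one line per problem; returns 0 only if no problem was found.
check_jail() {
    jail=$1
    cmd=$2
    problems=0

    # Requirement 2: chroot needs a command to execute.
    if [ -z "$cmd" ]; then
        echo "no command given: chroot needs one to run inside the jail"
        problems=$((problems + 1))
    fi

    # Requirement 1: the jail must exist as a directory...
    if [ ! -d "$jail" ]; then
        echo "jail directory missing: $jail"
        return 1
    fi

    # ...and must contain the command, because after chroot the
    # command path is resolved relative to the new root.
    if [ -n "$cmd" ] && [ ! -x "$jail$cmd" ]; then
        echo "command not executable inside jail: $jail$cmd"
        problems=$((problems + 1))
    fi

    # A jail root writable by group or others can have its contents
    # replaced by the user it is meant to confine.
    if [ -n "$(find "$jail" -prune \( -perm -020 -o -perm -002 \) -print)" ]; then
        echo "jail root is group- or world-writable: $jail"
        problems=$((problems + 1))
    fi

    [ "$problems" -eq 0 ]
}
```
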
spex
Honored Contributor

Re: Restricted Telnet

Perhaps rsh (Restricted Shell) would be a better fit for your needs. See "rsh Restrictions" in the sh-posix(1) man page for more information.
Anshumali
Esteemed Contributor

Re: Restricted Telnet

Yes, it's a trusted system; that's why the password field is *.
What doesn't work?:
Logging in as the same anstest user, the user can navigate the whole file system. It doesn't show the homedir as the chrooted directory.

rsh:
Yes... I gave it a try, but it doesn't provide access to the cd command. Is there any way to provide access to the cd command in rsh? The user should be able to traverse down from his home directory, but not upwards... that's the reason I went for the chroot method.
Anshumali
Esteemed Contributor

Re: Restricted Telnet

Ivan,

Any pointers/threads on how to get this done with SSH? I would surely give it a try. Of course, auditors will be happy as well. ;)

Thanks,
Anshu
HGN
Honored Contributor

Re: Restricted Telnet

Hi

Ours is also a trusted system, but we have implemented it with ssh (chroot'd env) and know for sure it works.

Rgds

HGN
Anshumali
Esteemed Contributor

Re: Restricted Telnet

HGN,

Is there any doc to configure a chrooted env with SSH, or are the above settings similar to your env and work well when SSH is installed? Any specific config in SSH?
Anshumali
Esteemed Contributor

Re: Restricted Telnet

I got
http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=1122269
Will try it out... I would still appreciate it if anyone can shed light on the original question :)
rariasn
Honored Contributor

Re: Restricted Telnet

Hi Anshumali,

/opt/ssh/README_chroot.html

rgs,
Anshumali
Esteemed Contributor

Re: Restricted Telnet

Syntax issue
/opt/ssh/README_chroot.html helped and the responses above