HPE Community
Operating System - HP-UX
1837280 Members
2951 Online
110115 Solutions
New Discussion

Re: restricting the telnet sessions

 
ssudhir
Advisor

‎03-12-2003 11:11 PM

‎03-12-2003 11:11 PM

restricting the telnet sessions



Hi All


I hv a querry ..

Basically i am having a 2 D Class running HP-Unix 10.20 clustured with M/C Service gaurd.

I hav arround 100 user usesing terminal servers ports and some of them useing telnet session.

Because of improper session completion of the users the number of orphan process increases day by day. As it is a live server we cant take a shutdown frequently..


So now my query is can i restrict the number of telnet session used .

say for example only 5-10 user should use the telnet session simutaneously. and other should wait for their turn

And please let me know if u want any other additional information

Thank you.

ssudhir

Laughter is the best medicine
0 Kudos
Reply
3 REPLIES 3
Alexander M. Ermes
Honored Contributor

‎03-12-2003 11:36 PM

‎03-12-2003 11:36 PM

Re: restricting the telnet sessions

Hi there.
Perhaps you can restrict the number of telnet sessions by changing the kernel parameter

nstrtel 2400 2400 Static N/A Number of Telnet Session Device Files

Rgds
Alexander M. Ermes
.. and all these memories are going to vanish like tears in the rain! final words from Rutger Hauer in "Blade Runner"
0 Kudos
Reply
Yogeeraj_1
Honored Contributor

‎03-12-2003 11:53 PM

‎03-12-2003 11:53 PM

Re: restricting the telnet sessions

hi,


For 10.30:

Beginning with HP-UX 10.30, the pseudo-terminal in the telnet/telnetd
internet service uses two STREAMS-based pseudo-terminal drivers (telm
and tels). Because of this, you must tune NSTRTEL, a new kernel
parameter for telnet pseudo-terminals.

NSTRTEL specifies the number of telnet slave devices to be created. The
number of telnet sessions is limited by the value of NSTRTEL. The
default value of NSTRTEL is 60 and the maximum possible value is set by
MAX_STRTELS. Note that if you want to change the value of NSTRTEL, you
can use SAM, but you can only increase the value beyond the default of
60 (you cannot make the value less than 60). If you do increase the
value, the additional devices will automatically be created. If a user
tries to telnet to a system that does not have any telnet
pseudo-terminals available, an appropriate error message is displayed.

The device files are placed in /dev/pts and are named "t0", "t1", and so
on.

For more information on telnet, refer to the telnet(1) and telnetd(1M)
manpages.


hth
Yogeeraj
No person was ever honoured for what he received. Honour has been the reward for what he gave (clavin coolidge)
0 Kudos
Reply
Michael Tully
Honored Contributor

‎03-12-2003 11:59 PM

‎03-12-2003 11:59 PM

Re: restricting the telnet sessions

Your best bet would to create a script that does an evaluation of the number of users currently logged on. One of the best ways to do this would be:

User attempts to log in. During the /etc/profile process, a script is run to see how many users are currently logged in. If that number exceeds 10 or whatever, the user session is terminated. Doing it this way will enable you to not only track who is attempting to log in but also not worry about kernel parameters.
Anyone for a Mutiny ?
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.