Re: Question restricting ssh access for some users only

From: Kevin (coggy_at_redefine.org)
Date: 10/07/04

  • Next message: Jim Hatfield: "Re: Question restricting ssh access for some users only"
    Date: Thu, 07 Oct 2004 13:14:07 -0700
    To: freebsd-security@freebsd.org
    
    

    Jim Hatfield wrote:
    > Now I want to create a new account on one machine which will be
    > accessible from the Internet as a whole, to be used for tunnelling of
    > SMTP and POP3. I can't predict what the client IP address will be so I
    > will have to remove the hosts.allow restriction. Is there any way I
    > can:

    have you tried using /etc/login.access?

    # Login access control table.
    #
    # When someone logs in, the table is scanned for the first entry that
    # matches the (user, host) combination, or, in case of non-networked
    # logins, the first entry that matches the (user, tty) combination. The
    # permissions field of that table entry determines whether the login will
    # be accepted or refused.
    _______________________________________________
    freebsd-security@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-security
    To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"


  • Next message: Jim Hatfield: "Re: Question restricting ssh access for some users only"

    Relevant Pages

    • Apparent NetBIOS Attack - How Dangerous?
      ... that some individual (from the Internet) is attempting to log into ... The logon to account: ... As the login attempts occur after packets are sent to local port 137 ... still appear on the Event Viewer security protocol. ...
      (microsoft.public.win2000.security)
    • Re: Cant login
      ... It gets to authenticating and hangs there. ... Account page asks ... for pass and login and then gets an error. ... All my internet other than wow is ...
      (alt.games.warcraft)
    • Re: Feature Suggestion: Laptop Logon Security
      ... why there would be any advantage to using an identical account name ... how this would prevent internet hackers from using the account SID ... instead of the name to login as the privileged user name anyways [often, ... > username, but a blank password. ...
      (microsoft.public.security)
    • Re: Apparent NetBIOS Attack - How Dangerous?
      ... Are you using a firewall such as a personal firewall or a hardware device - ... that some individual (from the Internet) is attempting to log ... the individual basically uses every account available in our ... > then the user attempts to login with one or more of these accounts. ...
      (microsoft.public.win2000.security)
    • Weakness introduced by denying remote logins on AIX, possibly others
      ... AIX 4.3.3 and AIX 5.1, ... is possible to remotely enumerate the passwords of a known AIX account. ... believed to be in the response from the login program after authentication ... Give accounts that have been restricted from remote logins strong passwords. ...
      (Security-Basics)