Re: Restricting logins by IP address
From: Alexander Klimov (alserkli_at_inbox.ru)
Date: Tue, 25 Oct 2005 00:05:35 +0200 (IST) To: Keenan Smith <firstname.lastname@example.org>
> On 10/19/05, Keenan Smith <email@example.com> wrote:
> > Similar to the way root can be restricted to logging in only at the
> > console, is it possible to restrict logins by regular users to specific
> > IP addresses?
> > What I've got is a directory "ABC" and a user "Larry". I setup Larry to
> > have ABC as his home directory. What I want to do is restrict Larry's
> > login to a specific IP address so if he attempts a login from computer
> > "123" it will succeed but if he tries from computer 456, it will fail.
On Fri, 21 Oct 2005, ilaiy wrote:
> Try using /etc/hosts.allow Give the IP address of which you would
> want to allow and your /etc/hosts.deny should look like this
> ALL: ALL
Yes, tcp wrappers is a good solution if it is really what you need.
Unfortunately, it does not solve the stated problem (at least, not how
I understood it): it allows you to limit *all* the connection to a set
of IPs, but it does not allow to restrict Larry's logins to one IP,
and John's logins to some other IP.
-- Regards, ASK