>
> On a RedHat 5.1 Linux machine I have an accout that I want to be shared by three
>people. This three people must have full access.
>
> I want to setup this account so the users can login only from their Linux machines
>(host1.domain1, host2,domain2 and host3.domain3). Also, I want to allow them to
>connect only ussing ssh, but no telnet.
>
> I modified the file /etc/security/access.conf, adding the line:
>
> -:account_name:ALL EXCEPT LOCAL host1.domain1 host2.domain2 host3.domain3
>
> but it wasn't work. I don't know what else to do. Also, I have no ideea yet how to
>reject all telnet connections, but to allow connection with ssh.
>
> A complete and concrete example wich tell me what files to modify and how to modify
>should be perfect.
>
> Thanx in advance,
> George Adam
>
> P.S. I read manuals and howto pages.
>
>
> ---------------------------------------------------
> Get free personalized email at http://www.iname.com
>
try hosts.allow and hosts.deny
For extra security there is a program called tcpdump that can use
hosts.allow and hosts.deny for allowing/retristing all programs run from
inetd (telnet, ftp, pop3, smtp) provide you run them from inetd, sendmail
doesn't natively run from there. The document included is well written
and the program is even better written, installs really easy on any
unix...
On a side note, shareing accounts isn't the best thing to do in an
envorment you are tring to secure, I've been told many times that this is
not the best idea. What you could do is make 3 separte accounts, and a
new group that only has these 3 users in it, they would still be able to
access everyones else files.
