if you want to limit you user you can chroot them so that they cant access anything apart from there home dir do achieve this you can use something like vsftpd which has a file that you enter users that you want to chroot it has other features that you can explore by yourself!! and i i agree that you should not use telnet in the first place ..but if you want to limit telnet you can do it with an ipchain rule but i think you should use ssh
thats ma 2 cents :) hope it is some help -----Original Message----- From: Andreas Heinlein [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 13, 2001 11:05 AM To: [EMAIL PROTECTED] Subject: Re: Tcp-wrapper question ! On 11 Nov 2001 at 0:00, Emre Yildirim wrote: > I have a better idea. Just set his shell to /dev/null or /bin/passwd in > the passwd file. That way he can still FTP in, but when he tries to > telnet into the box, he will only get a "connection closed" or a "Enter > new password:" prompt. I don't know for sure about RedHat (never used it), but on Debian and SuSE "/bin/false" exists for this purpose. /dev/null or /bin/passwd would of course work as long as you put them in /etc/shells, so that they are recognized as a valid shell. Many FTP-Servers check for the user having a valid shell before allowing to log in. If you obviously don't want your user to execute something on your server or see files he/she shouln't see, you'd better check your FTP- Server, too. FTP has commands to execute programs on the server, make sure they are disabled. Proftpd is a fairly good and configurable server that can be configured to let certain users access only certain directories. > If I was you, I wouldn't run telnet in the first place. Well, I agree ;-) Bye, Andreas
