Hello,
I tried to configure tcp_wrappers/ssh2 to authenticate user
log ins based on usernames. In the TCP wrappers hosts_access
man pages, it states that you should be able to use
ssh2 : username@host in the /etc/allow.hosts file
to restrict users from logging in. For example, if I only
want a selected authorized users to log in to my server,
use the above format to allow access. This method makes
it even more difficult if remote users are using their
ISP via dial-in to login remotely to the server. Their
hostnames and IP address are dynamic. Log file shows
that the user is always "UNKNOWN" and tcp_wrappers rejects
the user from logging in.
If anyone can shed some light to restrict users based
on usernames and domainnames ([EMAIL PROTECTED]),
please advice.
Thanks,
-ernest
dreamwvr wrote:
hi,
you might want to set it up to be controled by tcp_wrappers
then you can do that no problem although i have never set it
up this way myself. if memory serves use the -i switch to do
this and read the 'man' as the longer keys may apparently not
generate fast enough for the connection to not be kicked out.
Regards,
[EMAIL PROTECTED]
At 03:55 PM 5/24/99 -0700, [EMAIL PROTECTED] wrote:
>Does anyone know of a good way to have sshd check an arbitrary textfile
>full of usernames to determine whether or not to allow a login
>attempt? I'm running RedHat Linux 5.2.
>
>The `AllowUsers' configuration option which is already part of SSH
>doesn't seem to take a textfile as an argument, so that won't work.
>
>I need to selectively allow user access to sshd based on the file
>/etc/sshd_users. For example, if user "foo" is listed in
>/etc/sshd_users, he should be able to log into my server through sshd
>(after typing in his password and stuff). However, the ssh login
>attept for "bar" would be denied and closed before he had a
>chance to authenticate since he wasn't listed in /etc/sshd_users.
>
>_________________________________________________________
>Do You Yahoo!?
>Get your free @yahoo.com address at http://mail.yahoo.com
>
>
Reuters, London, February 29, 1998:
Scientists have announced discovering a meteorite which will strike the
earth in March, 2028. Millions of UNIX coders expressed relief for being
spared the UNIX epoch "crisis" of 2038.
_______________________________________________________________________************** DREAMWVR.COM - TOTAL INTERNET SERVICES ****************
TOTAL DESIGN - DEVELOPMENT - INTEGRATION - SECURITY - Click Here..
<http://www.dreamwvr.com/services/MAX_SEC.html>
DREAMWVR.COM - The Console of Many... 24 X 7 Evolution Internet
<http://www.dreamwvr.com/dynamicduo.html> <mailto:[EMAIL PROTECTED]>
-> Linux-Mandrake Solution Provider and North American Distributor <-
<http://www.dreamwvr.com/mandrake/mandrake-dist.html>
"As Unique as the Company You Keep." "===0 PGP Key Available
________________________________________________________________________
