[102242] in RedHat Linux List
Re: disabling telnet
daemon@ATHENA.MIT.EDU (flaw@colba.net)
Wed Dec 2 03:07:33 1998
From: flaw@colba.net
Date: Wed, 2 Dec 1998 03:03:54 -0500 (EST)
Reply-To: flaw@colba.net
To: redhat-list@redhat.com
In-Reply-To: <00a901be1d50$da2ca260$17356acf@cyberix.com>
Resent-From: redhat-list@redhat.com
On 1 Dec, Jerry P. Baklycki wrote:
>
> This might be trivial questions, but how do I disable someone's telnet
> ablity but still let me access via ftp. I know it is something in
> /etc/passwd . expample: right now the user would be something like
>
> username:password:500:10:person's name:/home/username:/bin/bash
>
> I know I need to change /bin/bash to something, but what?? I tried
> /bin/false and that will not allow telnet or ftp. I still want them to ftp
> in, but not to telnet.
>
> Any ideas??
>
> Thanks in advance,
> Jerry
There's several ways to do what want, but none of them have anything to
do with the /etc/passwd file (you would change the passwd file if you
want to set up a restricted shell for a user, or if you wanted to
disable a user's account).
You can limit the means by which a particular user (or users) can log
into your computer using PAM (i.e. where they can log in from, and what
ttys they're allowed to use -- tty1 would be console (your terminal)
only).
The easiest thing to do, if you don't want anyone to be able to
telnet into your computer, is to simply comment it out in
/etc/inetd.conf (also comment out anything else that you don't want
people to have access to -- careful don't confuse tftp with ftp and
uncomment it).
You can also control telnet access (as well as many other points of
access) to your computer (based upon ip address, address groups, or
domain names, etc) using tcp_wappers (you would edit the
/etc/hosts.deny, and /etc/hosts.allow files).
None of these options need affect anyone's ability to ftp into your box,
and for general security reasons you should be using the last two
options anyway.
If you want more info on any of these options feel free to email me.
fj
--
____________________________________________________________
/ _( ( __ ___ __ )---)--- flaw@colba.net ---)---)
| |_ ) )/ _` \ \ /\ / / ( http://www.colba.net/~tanh/flaw/ (
| _( (< (_| |\ V V / ) http://members.xoom.com/flaw/ )
|_| )_)\__,_| \_/\_/ (--------(-------(((-------(--------(
--
PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
http://www.redhat.com http://archive.redhat.com
To unsubscribe: mail redhat-list-request@redhat.com with
"unsubscribe" as the Subject.
