Claes Nygren wrote:
> On Sat, 23 Sep 1995, Louis C Watta wrote:
> >
> > I'm looking to prevent users from logging into my servers. We run Solaris
> > 2.4 and NIS+.
> You could do some quick-and-dirty tricks like moving your
> telnet and rlogin ports to something else , and only tell
> the users who are supposed to log in.
> "hackers" will of cource scan your ports and find this out.
> Then there are the possibility of putting an extra challange into the
> login scripts (or even change default shell to something with a challange ).
> Claes
I may be missing something here, but why dont you just add
the USERS you want to be able to log onto the system into the /etc/passwd
file of the server. Then use the following in /etc/nsswitch.conf:
passwd: files
group: files nisplus
Notice that the passwd field has *NO* nisplus anywhere in it. This
would mean you must have an account for each person on the server, but it
seperates the nisplus users from the privleged.
Hope that helps.
> ------------------------------------------------------
> Claes Nygren Hogskolan Gavle-Sandviken Tel +46 70 8200 803
> claes @
hgs .
se S-801 76 GAVLE, SWEDEN Fax +46 26 648771
> http://www.hgs.se/~claes
-Mark
--
<a href="http://www.sbaonline.sba.gov/~mark";>
Mark Rorabaugh
</a><pre>
.___.___ ._
| __) --)| \ U.S. Small Business
|__ | __\||\\
(___|___/|| \\ Administration
</pre></a>
References:
|
|
