Preventing users from loggin into a unix box
On April 19, Ram Meenakshisundaram wrote:
> I have a Solaris 2.6 Ultra-10 at work and I want to prevent users
> from logging into my machine. I dont want to run in single-user
> mode. Is there a way to disable rlogin or telnet over to my
> machine?
Yes, it's easy. All network-based services like that usually have
their server-side components run by a supervisory program
("superserver") called "inetd". Inetd listens on all the ports that
services are registered for, and when a connection request comes in,
inetd accepts the connection, starts the required server binary, and
basically hands it the socket. From then on, that connection is
handled by the server binary for that particular service.
This whole operation is handled by a config file called
/etc/inetd.conf. It's got one line per service, and each line has
many fields that control different things. The first field is the
name of the service (telnet, ftp, etc). You can comment out services
in that file by inserting a "#" in the very beginning of the line in
question.
To achieve the results you want, I would comment out the following
lines:
telnet (handles incoming telnet connections)
ftp (handles incoming ftp connections)
login (handles incoming rlogin connections)
shell (handles incoming rsh and rcp connections)
I hope this helps.
-Dave McGuire
Received on Thu Apr 19 2001 - 14:00:55 BST
This archive was generated by hypermail 2.3.0
: Fri Oct 10 2014 - 23:33:27 BST