SUMMARY - disallow telnet to one account

From: Vahid Moghaddasi (sunman@ureach.com)
Date: Fri Sep 22 2000 - 07:58:42 CDT


Good time everyone,
My original question was; how to disallow only one account
(user) to log-on to the system, but "su" to that user would
be permitted. for example: oracle can not log-on to the system
using "oracle" user name but Dave can telnet to the system as
Dave then "su - oracle"
I have received many replies which is not possible for me to
include all the names, most answers lead to disabling telnet
on the system which it is not what we want!
Here are the best two solutions:
1. Tim Lindgren
   use a tty admin/monitoring free package downloadable from
   http://www.darkwing.com/idled and tcpwrapper.
2. Kevin Graham
   Lock the account in shadow file "*LK*" and use sudo
Both solutions are fine, I think I will go with Kevin's since
we already have sudo installed on systems.
Thank you all,
Vahid.

________________________________________________
Get your own "800" number - Free
Free voicemail, fax, email, and a lot more
http://www.ureach.com/reg/tag

S
U BEFORE POSTING please READ the FAQ located at
N ftp://ftp.cs.toronto.edu/pub/jdd/sun-managers/faq
. and the list POLICY statement located at
M ftp://ftp.cs.toronto.edu/pub/jdd/sun-managers/policy
A To submit questions/summaries to this list send your email message to:
N sun-managers@sunmanagers.ececs.uc.edu
A To unsubscribe from this list please send an email message to:
G majordomo@sunmanagers.ececs.uc.edu
E and in the BODY type:
R unsubscribe sun-managers
S Or
. unsubscribe sun-managers original@subscription.address
L To view an archive of this list please visit:
I http://www.latech.edu/sunman.html
S
T



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:14:18 CDT