forbid certain user to connect to my server via ssh

hi,
where can i forbid certain user to connect to my system (suse 8.2) via ssh??

and another question:

is there a command to show all connected users via ftp (I use ProFTPD)??

thanks for you help

little boy
0
little
2/11/2004 4:48:57 PM
grc.techtalk.linux 3969 articles. 0 followers. Follow

9 Replies
373 Views

Similar Articles

[PageSpeed] 5

In article <c0dm9j$gi2$1@news.grc.com>, hansiator@gmx.net says...
> hi,
> where can i forbid certain user to connect to my system (suse 8.2) via ssh??

probably /etc/security/access.conf

> 
> and another question:
> 
> is there a command to show all connected users via ftp (I use ProFTPD)??
> 
> thanks for you help
> 
> little boy
> 
> 
> 
> 

-- 
Bloated Elvis
0
Bloated
2/11/2004 5:11:10 PM
In article <MPG.1a942c384488a9be989991@news.grc.com>, 
thel8elvis@hotmail.com says...
<>
oops, premature send :-O

> > is there a command to show all connected users via ftp (I use ProFTPD)??
> > 

ftpwho


-- 
Bloated Elvis
0
Bloated
2/11/2004 5:12:35 PM
thanks for the advice, is the first number the process id oft the server,
the client uses??

another question to the acces.conf:

    i have added the line
-:<username>:

because i didn't really know, what to fill in in the third gap, but this did
not really work, i can still connect via puty from any other machine.

lb

"Bloated Elvis" <thel8elvis@hotmail.com> schrieb im Newsbeitrag
news:MPG.1a942c8d47be4253989992@news.grc.com...
> In article <MPG.1a942c384488a9be989991@news.grc.com>,
> thel8elvis@hotmail.com says...
> <>
> oops, premature send :-O
>
> > > is there a command to show all connected users via ftp (I use
ProFTPD)??
> > >
>
> ftpwho
>
>
> --
> Bloated Elvis
0
little
2/11/2004 5:41:42 PM
In article <c0dpcg$jrs$1@news.grc.com>, hansiator@gmx.net says...
> thanks for the advice, is the first number the process id oft the server,
> the client uses??

Don't have a clue.

> 
> another question to the acces.conf:
> 
>     i have added the line
> -:<username>:
> 
> because i didn't really know, what to fill in in the third gap, but this did
> not really work, i can still connect via puty from any other machine.

You need to make sure your SSH is using PAM.

It's going to be a YMMV, depending on how things are configured.

Here are some examples:
http://www.trilug.org/pipermail/trilug/Week-of-Mon-20020121/003993.html
http://endor.clublinux.org/RHCE-15.html
<>

-- 
Bloated Elvis
0
Bloated
2/11/2004 6:11:16 PM
thanks Bloated Elvis, Pam was a good advice, but i inserted the row

-:<username>:ALL

and no it is not possible for anyone to connect via ssh with the machine!!
what can i do!!??

little boy

"little boy" <hansiator@gmx.net> schrieb im Newsbeitrag
news:c0dm9j$gi2$1@news.grc.com...
> hi,
> where can i forbid certain user to connect to my system (suse 8.2) via
ssh??
>
> and another question:
>
> is there a command to show all connected users via ftp (I use ProFTPD)??
>
> thanks for you help
>
> little boy
>
>
>
0
little
2/11/2004 7:15:29 PM
In article <c0dusa$psc$1@news.grc.com>, hansiator@gmx.net says...
> thanks Bloated Elvis, Pam was a good advice, but i inserted the row
> 
> -:<username>:ALL
> 
> and no it is not possible for anyone to connect via ssh with the machine!!
> what can i do!!??

Go outside and enjoy some fresh air and exercise ?

Seriously, I'm sorry, but I have no clue what you might have done.

If you've completely locked out SSH access, I guess you will have to log 
on locally and undo what you did. Generally, you can make changes and 
stay logged on through the changes in an SSH session, and try the 
changes with a *different* user and a different ssh session, so you can 
undo any changes....

-- 
Bloated Elvis
0
Bloated
2/11/2004 7:24:44 PM
thanks, now it worked out!!
at my luck i was connected via vnc, and so restored the files!!
What a stupid mistake i have done, i have just written required with a
double r.
*argh*

thank you for you fantastic help!!
I'm just learning, linux is so nice logic!!

little boy

"little boy" <hansiator@gmx.net> schrieb im Newsbeitrag
news:c0dm9j$gi2$1@news.grc.com...
> hi,
> where can i forbid certain user to connect to my system (suse 8.2) via
ssh??
>
> and another question:
>
> is there a command to show all connected users via ftp (I use ProFTPD)??
>
> thanks for you help
>
> little boy
>
>
>
0
little
2/11/2004 7:54:09 PM
easiest thing to do is set their shell to something nonexistent in
/etc/passwd, i.e. replace /bin/bash with something like /sbin/nologin for a
particular user.
0
Paul
2/13/2004 5:57:55 PM
In article <c0j36p$eer$1@news.grc.com>, pcornell@bizdev.ca says...
> easiest thing to do is set their shell to something nonexistent in
> /etc/passwd, i.e. replace /bin/bash with something like /sbin/nologin for a
> particular user.

Then they have *no access*, not 'no access to SSH'.

-- 
Bloated Elvis
0
Bloated
2/13/2004 7:08:08 PM
Reply: