LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 12-19-2002, 08:50 AM   #1
vinay_r99
LQ Newbie
 
Registered: May 2002
Location: Bangalore
Distribution: Linux
Posts: 20

Rep: Reputation: 0
messages should appear.


hi,

I want to restrick users other than root. And onces the user onces in it should appear a message saying USERS NOT ALLOWED !!! something like this..... thought PAM .. i hv restrick the users expect root ... the problem is messages are not appearing when the users try to login. can somebody help me with this .... need it Urgently.... awainting for ur valueable response.

Thanx & Rgds,
Vinay R
 
Old 12-19-2002, 12:09 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600
Do you want to deny *all* users except root to log in? Do you want to restrict all users from accessing the *root* account?

//maybe off-topic but please don't try to slur your words/sentences. makes it hard to read.
 
Old 12-29-2002, 10:09 PM   #3
pjcp64
Member
 
Registered: Dec 2002
Location: Omaha, NE
Distribution: Ubuntu Server and SuSE
Posts: 69

Rep: Reputation: 15
/etc/nologin

I haven't actually used it, but you might want to give it a try.
touch /etc/nologin
and make sure you can login as root before you actually signoff of your current session.
You will probably want to verify that other IDs cannot signon.
I don't know how this effects ftp etc...
Depending on what your goal is here, you may just want to go into single user mode by: init 1
That should restrict all logins except from the console. Other services will be
shutoff too ( ftp, ssh, oracle, etc.... ).
/etc/motd is a file that shows a message when signing on.

Oh... Don't forget to rm /etc/nologin when you done! :-)
 
Old 12-29-2002, 10:31 PM   #4
pjcp64
Member
 
Registered: Dec 2002
Location: Omaha, NE
Distribution: Ubuntu Server and SuSE
Posts: 69

Rep: Reputation: 15
SSH will display a banner before a user signs in.
I think wu-ftpd will also.... hmmm.... maybe not.
As for telnet, you might have to research that one.

The point being, there isn't one single place you can
place a message that affects logins for all of these
different services.

SSH and Telnet both use /etc/profile. You could place
a message in there and then boot the user out. Make
sure that there is some if...then logic to allow root to
login though.
Ftp doesn't use /etc/profile so you'd have to find a
different mechanism for it. ( or maybe just turn it off ).
 
Old 12-30-2002, 03:23 AM   #5
vinay_r99
LQ Newbie
 
Registered: May 2002
Location: Bangalore
Distribution: Linux
Posts: 20

Original Poster
Rep: Reputation: 0
Hi,

Its working am able to get a message from nologin file. Expect root any users try to login .... they will get a message.

thanx a lot for the help.
 
Old 12-30-2002, 08:37 PM   #6
pjcp64
Member
 
Registered: Dec 2002
Location: Omaha, NE
Distribution: Ubuntu Server and SuSE
Posts: 69

Rep: Reputation: 15
/etc/nologin

How did you get the messages to work? Simply by typing it in the nologin file? I tried that but didn't have any success.

Also, did it work for telnet or ssh or both?

Thanks.

Thom
 
Old 12-30-2002, 11:18 PM   #7
vinay_r99
LQ Newbie
 
Registered: May 2002
Location: Bangalore
Distribution: Linux
Posts: 20

Original Poster
Rep: Reputation: 0
I has restricted users through pam ... i was able to restrict users the only problem i was facing ... when users try to login via telnet messages was not appearing .... so i created a nologin file in /etc.

In nologin file i typed Unauthorised Users Probhited. thatz hw i use to get the message when users try to login.
 
Old 12-31-2002, 06:02 AM   #8
pjcp64
Member
 
Registered: Dec 2002
Location: Omaha, NE
Distribution: Ubuntu Server and SuSE
Posts: 69

Rep: Reputation: 15
Thanks...

So it appears that /etc/nologin does affect telnet with a message.
SSH would require it's own banner setup. ( it supports it ). It'll actually display the message before the user attempts logging in.
I'm not quite sure about ftp and wu-ftpd.

But anyway.... It'll looks like you've solved your problem.

Good Luck!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
what does messages suppressed in /var/log/messages mean saavik Linux - Networking 2 05-07-2008 02:31 PM
Redirecting the kernel messages to file other than /var/log/messages jyotika_b83 Linux - General 3 04-28-2005 06:39 PM
From where am i getting error messages to /var/log/messages? prabhuacsp Programming 3 02-16-2005 08:59 AM
/var/log/messages full of these messages. Should I be concerned? mdavis Linux - Security 5 04-16-2004 10:08 AM
syslog and firestarter - log messages to another file than messages mule Linux - Newbie 0 08-07-2003 03:35 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 04:12 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration