how to deny user from accessing FTP service using /etc/hosts.deny in redhat 6
Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
The OP specifically asked about using TCP wrappers..wouldn't it be best to address the need? And the thread you directed to is ten years old...quite a bit has changed.
"user" and hosts.deny is not typical, not like peanut butter & jelly.
i am not a big user of hosts.deny/allow,
typically hosts.deny/allow use hostnames or IP. however, maybe a way to mix "user" in with hosts.deny/allow is to use hosts.allow with something like "in.ftpd ALL:" and spawn a script that reads a file "not-allowed-ftp-users" and then finds a ftpd PID that matches username from file list and then kill the PID.
sounds like it can work, just not sure if this is what you are needing, meaning there are other better ways to handle such, but you asked about hosts.deny, etc.
The OP specifically asked about using TCP wrappers..wouldn't it be best to address the need? And the thread you directed to is ten years old...quite a bit has changed.
Redhat 6 is more than 10 years old (though I concede that he may have meant RHEL 6 rather than Redhat 6) and TCP wrappers isn't the correct way block specific users from FTP (in many cases, it's not even possible). If you want to block specific users then you need to blacklist them in the FTP server settings (as the guy you quoted correctly advised)
if it is RH6 then it should not be still connected to the net
Indeed, but you'd be amazed at some of the old systems that are still in use (in my last job, there was a Win95 desktop still being used as a web terminal for secure payments - in fact it's probably still in use :-/ )
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.