LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 10-10-2006, 06:40 AM   #1
mayankh
Registered User
 
Registered: Jul 2006
Posts: 18

Rep: Reputation: 0
root access restriction for putty


hi all

i m using rhel4-es

i want to restrict root access via putty on time base

it means only between give time we can login to server via root user using PUTTY

how to do ?
 
Old 10-10-2006, 07:43 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985
your question isn't really match up... putty is a multi protocol client, you can not control connections "from putty" as they could be telnet, ssh, raw etc...

however with my pedant hat aside i assume that you actually mean ssh connections. What you're actaully asking for is a very bad approach to security. if you wish to be secure the root user should *never* be permitted ssh access under any circumstances. instead you should connect to the system with your own nominal user account and then change to root once you are securely connected.

as for time access overall, you're probably best off looking at the generic pam_time module to control access to remote console connections.
 
Old 10-10-2006, 07:45 AM   #3
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3608Reputation: 3608Reputation: 3608Reputation: 3608Reputation: 3608Reputation: 3608Reputation: 3608Reputation: 3608Reputation: 3608Reputation: 3608Reputation: 3608
You should not allow root SSH access, period. Instead log in as unprivileged user then use Sudo to perform tasks that require root account privileges.

If you want to allow time-based root logins regardless then at least AND harden your sshd_config AND implement one method of http://www.linuxquestions.org/questi...d.php?t=340366 AND restrict access of remote IP's using your firewall and tcp_wrappers.
When you've done that look at PAM_time's /etc/security/time.conf.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Root access restriction GalinaK Linux - Wireless Networking 1 07-03-2006 04:41 AM
Router - Access Restriction ciop Linux - Security 4 11-01-2004 10:27 PM
CVS access restriction pedrosan Linux - Software 0 05-21-2004 03:33 AM
WU-FTP root restriction atlantislim Linux - Security 6 09-05-2002 07:26 PM
Telnet Access Restriction mocha Linux - Networking 1 09-16-2001 02:17 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 01:05 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration