LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (https://www.linuxquestions.org/questions/linux-server-73/)
-   -   How to access abc@192.168.0.1 from 192.168.0.5 only (https://www.linuxquestions.org/questions/linux-server-73/how-to-access-abc%40192-168-0-1-from-192-168-0-5-only-4175438592/)

deepak_message 11-24-2012 10:46 PM
How to access abc@192.168.0.1 from 192.168.0.5 only
 
Hi,

Due to some security reason, I am looking access by particular user from the single mahcine only. there should not block all user also from this machine and other mchine also.

Actually, I have one machine, its ip is 192.168.0.1 and user abc.

I am looking abc@192.168.0.1 can be access by 192.168.0.5 only. can't be access from different machine by this abc@192.168.0.1

Other user's should not effect and 192.168.0.1 should be access by any machine.

my intentation to make the rule for abc@192.168.0.1 only. there should not be other.

SO, please friends help me.

routers 11-25-2012 07:59 AM
6 times i read this , still not clear enought for me

1) is this mean you have a machine ip 192.168.0.1
this machine only have one user is abc
or
2) this machine have many user , abc is one of them
and you want to block abc only

if no (1) you can use tcp-wrapper to block ip 192.168.0.1 from login to 192.168.0.5
if no (2) you can define the service abc@192.168.0.1 in the 192.168.0.5

please clear it up

hamlindsza 11-25-2012 08:06 AM
Quote:
I am looking abc@192.168.0.1 can be access by 192.168.0.5 only.
I assume when you say access you mean access via ssh. On the 192.168.0.1 machine, add a firewall rule:
iptables -I INPUT -p tcp ! -s 192.168.0.5 --dport 22 -j DROP

This rule will allow ssh traffic from 192.168.0.5 ip.

jschiwal 11-25-2012 09:40 AM
There is an owner module that you can use on the 192.168.0.1 machine, with the ABC user. You can use it in the output and forward chains.
http://www.cyberciti.biz/tips/block-...-iptables.html

If you want to control access to the 192.168.0.5 machine, per user, authentication is normally used rather than IP Tables.
For example "AllowUsers ABC" in sshd_config will only allow user ABC to log in.

jefro 11-25-2012 03:06 PM
Using IP addresses (or mac addresses) is a poor way to secure a connection. Consider using some other form of authentication.

deepak_message 11-25-2012 08:57 PM
Thank you so much guys for your reply.

Hi Reuter,

Let me tell you actually seniaro, I am installing platespin in our envoirnment. and I want to create plspin account on making replication for on the server. plspin has the equivalent right as root(sudo no password).

so, I want to access this server(1992.168.0.1) by plspin account from 192.168.0.5 only.

routers 11-30-2012 04:36 AM
Quote:
Originally Posted by deepak_message (Post 4836922)
Thank you so much guys for your reply.

Hi Reuter,

Let me tell you actually seniaro, I am installing platespin in our envoirnment. and I want to create plspin account on making replication for on the server. plspin has the equivalent right as root(sudo no password).

so, I want to access this server(1992.168.0.1) by plspin account from 192.168.0.5 only.
did you read some other ppl reply if that is not what you want , mean they also not understand your question or not clear enought to understand what is your actually need, btw sorry my english also not very good

ok come this way

1)plspin@server05 want to ssh to plspin@server01 <- do you want to allow/block this ? answer= allow or block
2)userA@server05 want to ssh to userA@server01 <- do you want to allow/block this ? answer= allow or block


hope this way can make little bit clear your satuation, btw what is that plspin i googling arround i got nothing


All times are GMT -5. The time now is 04:11 PM.