[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Telnet



On Sat, Jan 06, 2001 at 08:40:24AM -0600, StarDrifter wrote:
> I am a stand in sysadmin that doesn't know shell scripting and needs
> telnet to be disabled only for users so administrators can go in and
> do their stuff and then after they have done there stuff (on a set
> time) every user will be able to login to telnet that has access to
> telnet (i.e. a shell account) and can provide a correct user and pass.

probably the best thing to do would be to hack the pam_nologin.so module
so that it allowed logins by anyone in a particular group (e.g. group
"root" or "admin" or whatever) rather than just the root account.

then "touch /etc/nologin" to disable user logins and "rm /etc/nologin"
to enable it again.

btw, don't use telnet. even on a private LAN. in fact, especially on a
private LAN...almost all packet sniffing and password snooping occurs
on private LANs behind the company firewall. use ssh instead. there are
ssh clients for every flavour of unix, as well as windows, macintosh,
and other systems so there's really no excuse to be using an insecure
protocol like telnet.

for a good (and free software!) windows ssh client, take a look at
putty. not only does it do ssh, but it's also about the best terminal
emulator around for windows - unlike most, it actually gets the terminal
emulation right.

you can find putty at:

http://www.chiark.greenend.org.uk/~sgtatham/putty/

craig

--
craig sanders



Reply to: