Login restrictions in NIS environment

Cecilio Marín cmarin at essiprojects.com
Wed Jun 8 10:12:30 UTC 2005


Hi,

I thought asigns each service an IP (logically, a machine with multiple 
IPs), and then making use of a firewall (as iptables), restricting 
services use by rules. This only restrict by machines IPs/services, but 
not by users (I believe you only want restrict machines).


Also, other method is server use one IP, but using wrappers hosts.allow, 
hosts.deny by services and IP ranges. This method permits specify user 
rules (in theory):

   sshd: user at machine.com  <--- Applies to the specific user on the 
given computer.
   sshd: ALL EXCEPT user at machine.com  <--- in hosts.deny, deny all 
except specific user from specific machine.

Good luck!


Richard Hobbs escribió:

>Hello,
>
>Thanks for your response, but I don't quite understand it...
>
>What do you mean by "Separe services by IPs"?
>
>And how can I restrict logins per IP? Will this allow me to restrict certain
>users from any IP, but to allow other users from any IP?
>
>Thanks again,
>Richard.
>
>  
>





More information about the redhat-list mailing list