General :: Disallow New Ssh Connections For A While?
Jan 6, 2011
What is the best way to disallow new ssh connections for the duration of my session ?
I want to evade read/write collisions. Things work like that - one session put files on server, other copies these files and then deletes them. So in order to evade collision:
- I check if there are no established connections.
- Then I deny new connections temporarily.
- Do the job.
- Allow new connections again.
Maybe there are better ways to achieve the same result ?
View 1 Replies
ADVERTISEMENT
Apr 12, 2011
I have a requirement to implement SSH Services in a way, oracle user should be disallowed from everywhere other then one host. While no restrictions for other users.
I worked with DenyUsers, but it disallow oracle logins from all hosts.
View 15 Replies
View Related
Oct 12, 2009
I want to disallow root login on my RHEL Machine?
View 14 Replies
View Related
Feb 7, 2011
have a problem with my network-manager in ubuntu 10.10.when I dial one of my vpn connections, my other vpn connections be disabled and I can't use them!I tried to restart network-manager and gnome-panel, but it does't seem to solve this problem.
View 1 Replies
View Related
Jul 8, 2011
I like to start Emacs as part of a login script and leave it running for the duration of my login session (which is typically weeks).
I have scripts to call emacs-client which will allow me to use a file-manager or Windows Explorer to locate files and right-click to edit them in Emacs.
I often end up with a lot of emacs windows (frames) open and I like to just be able to close them by clicking on the MS-Windows or KDE X button at the top-right.
The trouble is, if the window is the last one, this will shut down emacs which will lose all kinds of interesting history information.
As a work-around I use C-x 5 0 which won't let me close the last frame but this is often not as convenient as using the mouse
Does anyone know how to configure Emacs so that it can intercept the Window-Close button of the last frame to either request confirmation or simply disallow it?
On MS-Windows, disallowing closing of the last window may cause logoff to hang if emacs is still running but I'm not too worried about that.
View 2 Replies
View Related
Feb 20, 2011
I want to disallow usb port when it is connected...I tried sys/bus/usb/devices/power/level=suspend but still i can see that usb device and have access to that usb device . stop access to a particular usb device which is connected to Linux system...Also i tried ioperm() but i cannot find usb port no. which is required for it...Also i want to do this by C++ programming
View 1 Replies
View Related
Jan 10, 2011
trying to devise a new sudoers configuration while building a new SOE and would like to force everyone (including system administrators) to use rootsh in favour of doing things like sudo -s, sudo bash, sudo tcsh and so forth. Effectively, use sudo to use any shell other than rootsh. Is there a way to allow users to run anything they want except shells. I realise this is a default permit which inherently is defective, but I'm not convinced that going through the 1559 executable commands of my (as yet incomplete) built system to decided on the likely 1000+ commands I would want to be genuinely allowed. As I said this is for system administrators first, and I'd like to forcibly instil the habit of sudo <command> or using rootsh to get an audited shell. But I know people are already not doing enough sudo <command> as it stands, rather they switch to bash.
View 7 Replies
View Related
Mar 12, 2011
I need a to allow a user to tunnel an ssh session but disallow them a bash shell. # chsh -s /sbin/nologin {username} won't cut it...? would permissions be the way to go with it? But how? Setup a group and add the user to that group? Or add all other users to that group... I'm confused
View 3 Replies
View Related
May 4, 2010
I'm using Ubuntu x64 (dunno which version, but I don't think it matters) and I'm concerned about security with PHP.I remember using lighttpd and I had some mystic configuration and the secuirty was perfect for me - if one website gets hacked then the others are still safe (kinda).Now with apache2 if I enable safemode I'm still able to go outside web directory and actually I can go really far untill user/group matches.I tested the system with r57shell and I was able to mess up other websites.Is there a way to disallow access to other websites?
View 5 Replies
View Related
May 14, 2011
I have Windows 7 and Ubuntu 10.04 installed on the same harddrive. I'm using grub to boot both. I would like to deny access to the windows partitions, but allow access to removable drives and shared drives.
View 2 Replies
View Related
Jun 23, 2011
I am stuck in a weird situation and could definitely use some help from gurus in security area.
I have categorized my users into 3:
1. root user
2. other local users
3. LDAP users
I want to setup following 2 usecases:
a)
1. Allow keybased ssh and scp to root users
2. Allow ssh but disallow scp service to other local users
3. Disallow ssh and scp to LDAP users
b)
1. Allow keybased ssh and scp to root users
2. Disallow both ssh and scp to other local users
3. Disallow ssh but allow scp to LDAP users
For the 1. in both cases, I think PermitRootLogin in sshd_config could . For the 3. I am thinking of deploying rssh to control scp service access, since ssh will be restricted anyways.
Problem area is 2. primarily.
i) How to allow ssh but disallow scp to 'other local users'
ii) How to disallow both ssh and scp to 'other local users'
View 5 Replies
View Related
Jul 29, 2011
[URL] I want to
Code:
sudo ufw default deny
and then
Code:
sudo ufw allow ssh
sudo ufw allow smtp
sudo ufw allow www
[code]....
to allow the services I need, am I missing anything ? I assume allowing ssh will also allow scp ? (heck I will allow sftp as well anyway).However my problem is I am connecting remotely, so the only way I can do what I want is to actually do a
Code:
sudo ufw default allow
then use a list of the services provided by
Code:
less /etc/services
and deny each service individually? This seems a pain as if I turn on the firewall with default deny it will boot me out of my ssh connection?
View 1 Replies
View Related
Jan 21, 2011
Is it fair to say that connLimit and hashlimit are very similiar on Linux i.e. while hashlimit caters to limits for groups of ports, they both set the connection rate limit per host? How in IPTables, do I configure a policy that limits connections on a port that encapsulates the total sum of all connections from all hosts? i.e. I do not want to allow more than 6000conn/minute for port range that is the sum of all connecting hosts?
View 3 Replies
View Related
May 30, 2011
I recently installed Fedora 15 now, and during installation I set the internet connection manually, then did update and after reboot, the internet connection settings have been removed. Now I can not set because the network connection to the Internet Connection is inactive. I mention that before the update was functional internet connection.
View 5 Replies
View Related
Nov 13, 2010
I have a system, I want only my sudoer account to show and automount NTFS partitions under 'Places' in Ubuntu. Simply, they shall not have access to mount it. Only my main sudoer user account shall take advantage on this show-and-possibly-automount feature of GNOME, but not anyone else.
View 6 Replies
View Related
Jul 21, 2010
I don't know if this is possible... I want that only some of a Windows Domain(Samba) users can to logging in a machine.For example: The user Peter of the domain WORKSPACE can connect to the PC1, but the user Charly of the domain WORKSPACE can not connect to the PC1. How I can implement this?
View 5 Replies
View Related
Mar 8, 2011
I need to disable file access (fopen, freopen, open etc) for application which is running under chroot jail and with restrictions (rlimit) via execv. Before that I redirected stdin/out to files within jail. I tried this:
Code:
// Redirect stdin/stdout to files
int fd = open (file_input, O_RDONLY);
if (fd < 0)
fatal_error ("input open failed!");
[Code].....
View 6 Replies
View Related
Aug 26, 2010
Do any programs need to be installed that aren't included in the default install of Linux Mint in order for it to allow VNC connections?
View 3 Replies
View Related
Jan 10, 2011
We just setup a Moodle server in Apache. We would like to track how close (if at all) we are getting to our MaxClients limit. Is there a log that will show simultaneous connections?If there is, can it be set to only log when specific numbers are hit?
View 4 Replies
View Related
Feb 18, 2010
A deamon say ssh will be listening on port 22. when a new connection is requested by the client, it will be authenticated and a new connection gets establihed with some port say 1025. And ssh will continue to listen on 22 for new connections.If I am correct then in my machine I observed following connections are establised to ssh port 22, As per my understanding connection should be established on a different port other than 22.
View 3 Replies
View Related
Feb 1, 2011
FTP servers I use frequently have imposed a simultaneous connections limit, usually 5-10 at the time. It was no problem under Windows, since Windows artificially limits allowed FTP connections to ~10 as far as I know. But it is a problem under Linux very much since I cannot find how to limit them :/ So far I used these clients: Native FTP client (Places -> Connect to FTP server). No apparent way to limit connections.
FileZilla. Under particular server settings you can limit number of simultaneous connections. Also you can do that globally in Edit -> Preferences -> Transfers. Problem is, it doesn't work, I still keep getting the 530 Sorry the maximum number of clients (10) for this user are already connected. And netstat shows quite a few simultaneous FileZilla connections no matter that I limited them to 1 both in global and local settings.
NCFTPPUT. 10 successful uploads and hi 530. Total Commander under Wine. Same. NetBeans IDE integrated ftp. Same. Some other crapy FTP clients which names I already forgot. Same. OS is Ubuntu 10.04 So, is there any way to force any of these FTP clients to use less than 10 concurrent connections?
View 1 Replies
View Related
Sep 14, 2010
Can I restrict the number of ssh connections to my Linux box - by username or by ip or both?
View 1 Replies
View Related
May 22, 2011
When trying to connect to an irc server in irssi, I get the following error: root Erroneous Nickname: Reserved for services. I don't know how to change the nickname before the connection is established. I'm currently connected to one server, where I have my proper nick, but when trying to connect to another server with connect [URL], which should open another connection, it's trying with the nickname root.
View 1 Replies
View Related
Jul 5, 2011
I'm facing a strange problem. I have a Debian squeeze machine connected to Internet through a 3G USB modem. The machine connects as expected, and I can resolve domain names and establish HTTP and SSH connections.The problem is when I try to communicate to that machine from another PC connected to Internet. The machine doesn't respond to PING and I can't connect to the SSHD installed in it. If I connect the machine to the local network, it works right.
route:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default * 0.0.0.0 U 0 0 0 ppp0[code]...........
View 1 Replies
View Related
Jan 27, 2010
Can I restrict the number of ssh connections to my Linux box - by username or by ip or both?
View 3 Replies
View Related
Jun 3, 2010
I have Fedora 10 set up as a server. Occasionally it will stop allowing connections, such as ssh, http, and samba. This continues until someone hits a key on the keyboard, and then it seems to come back to life and accept connections. At this point, the date and time will be wrong. Judging from monit messages that inform me when it stops allowing connections, I think the time freezes at whatever time it is when it stops allowing said connections.
Power Management has it set for the computer to never turn off. Sleep mode is also disabled in the BIOS.
I thought it was possibly the CMOS battery, but that has been replaced and the issue persists.
Someone previously thought it might have been Network Manager, but that is disabled due to issues it has with a static IP.
View 11 Replies
View Related
Jul 25, 2011
how do I create a shell script that looks for connections running on a oracle database. e.g connection name is CONNECT and database name is DBTEST. I want to know what processes with the name CONNECT are running in database called DBTEST. Am creating the script on the server side. I know about the ps -ef | grep command but how to point to a particular database I don't know.
View 4 Replies
View Related
Feb 23, 2010
After editing my network connections gateway setup as 192.168.1.1 I get back 0.0.0.0 after I run nm-tool. I'm using Ubuntu ver 9.04 setup on my VMware server.
View 1 Replies
View Related
Dec 30, 2010
I have a very simple question .I need to tune Kernel paramaters in RHEL 5 server to increase the number of concurrent connections what is the command to do this .How do i know the defaults and the maximum value i can raise this to.
View 1 Replies
View Related
Feb 22, 2010
What is the command to check all open TCP connections?
View 7 Replies
View Related
