Ubuntu :: SSH Restrict Public Key To A Single Username?
Apr 29, 2010
I set up SSH on a server running Ubuntu using rsa key authentication. I want to allow a friend of mine to log into the server with restricted access, so I created a user account named "guest" with its own home directory and ensured that it has no root access. I created a new pair of keys and added the public key to my authorized_keys, but when I was testing SSH I noticed that not only could I not log in as guest, I could use the key to log in as my own account and gain root access via sudo. How can I restrict specific private keys to only be able to log in as certain users?
View 6 Replies
ADVERTISEMENT
Jan 27, 2010
Can I restrict the number of ssh connections to my Linux box - by username or by ip or both?
View 3 Replies
View Related
Nov 9, 2010
What is the simplest way to restrict access to a single folder in Documents?
View 3 Replies
View Related
Jun 9, 2010
how can i restrict a single particular user from logging into the server not more than 5 times?
The conditions may be:
1) wrong password
2) can login only 5 times on one day etc.
View 5 Replies
View Related
Feb 26, 2010
Is it possible to restrict root logons to the SSH server to just a single ip address (or maybe a range?) I have other users connecting to the server daily so restricting ALL access to a single ip i cannot do. I need root enabled (for my own reasons) but want to lock it down a bit more.
View 9 Replies
View Related
Sep 13, 2010
I am trying to create a "GUI File Transfer " Application , for transferring the files within the network. For That I will obtain User name, Password through the GUI, I will have to append username and password in a single line and run it . I am facing difficulties in exploring the "command",
View 4 Replies
View Related
Apr 28, 2011
If i have two domins [URL] and [URL], can i point it to same IP Address in DNS?.I had already added namevirtualhost in my Apache.If possible, is there any risk,disadvantages.
View 11 Replies
View Related
Mar 11, 2010
For monitoring a network [LAN] I need a single C/C++ program using unix commands to retrieve the username, associated static IP address, what time user logged in, log out, total time system used by user. so that if a system has several users who used it @ different times of the day... then i need details of all users me,time of log in, static IP &all
View 1 Replies
View Related
Aug 2, 2011
I'm trying to write a p2p file sharing program using python's built-in libraries. Everything is going well. The only thing is that i'd like to be able to use openssl public and private keys so only a host with the public key could access/decrypt the filesharing. I've gotten these libraries (httplib, basehttpserver, ssl, os) to work using just a pem file containing both the public and private keys but no success with them seperately. Can someone point me in the right direction or offer an alternative? PS, the goal of the project is to create an anonymous, decentralized, secure file sharing program. I want to be able to upload this to sourceforge so everyone can use it, if that's any incentive
View 2 Replies
View Related
Sep 24, 2010
I run the following file with the >log.log redirector and it does not capture errors.
#!/bin/bash
echo ************************BEGIN LOG******************************
date +"%m/%d/%Y %H:%M:%S $HOSTNAME"
cp -f /scripts/original/clamscans.log /scripts
[code]....
The following errors show up when I run from the file from the term window, but are not written to log.log:
tar: /public/public/clamscans/*.txt: Cannot stat: No such file or directory
tar: Error exit delayed from previous errors
mv: cannot stat `/public/public/clamscans/*.txt': No such file or directory
I know with windows you can add the 2>&1 to capture error data. Is there such a thing for Linux?
View 2 Replies
View Related
Mar 3, 2010
How can I forward all traffic from a public IP to another public IP. Let's say I have a first debian box named box1 with eth0 = 1.1.1.1 and eth0:1 = 1.1.1.2 and I want to forward all traffic from 1.1.1.2 to "box2" located somewhere else over the internet and having for eth0 2.2.2.2 Both 1.1.1.0/24 and 3.3.3.0/24 are public IP ranges.
View 1 Replies
View Related
Apr 20, 2011
ls -al ../public-back
drwxrwxr-x 4 apache apache 4096 Apr 19 03:32 templates
ls -al ../public-back/templates
drwxrwxr-x 2 apache apache 4096 Apr 19 03:33 content
[code]....
How do I move the contents of /public-back/templates recursively with permissions into /public/templates ?
View 2 Replies
View Related
Nov 3, 2010
I recently installed vsftpd on my server. I noticed that users on the machine can login into vsftpd with their username and password on the machine and go to their root dir "/home/username".Now, I want to give some people a vsftpd username and password so they can upload and download files and folders to their folder, but this folder has to be in the "/var/www/(username)" folder. I don't want them to be able to go to any other folder than their own folder like "/var", "/etc" or "/home" etc. Also I don't want them to be able to login on the machine as a user, through putty for example. They should only be allowed to acces their folder with vsftpd, nothing else.
View 1 Replies
View Related
Oct 13, 2010
I have question about the UNIX sockets. my goal is to connect multiple sockets from a single client to a single server and keep them open...I'm not sure if that is possible to create or not. Do you have any suggestion or an example of code?
View 1 Replies
View Related
Apr 14, 2010
I've installed Ubuntu Desktop Ed 9 and I want to add a user account that would be very restricted. I would only want them to access the internet and run several programs. I do not want them to have access to the destkop, anything under preferences, administration etc... Is this possible?
View 1 Replies
View Related
May 12, 2010
I'm trying to VPN in somewhere and it doesn't like any outbound connections. I'm doing this for RDP, so can I somehow restrict the VPN connection to only be using the RDP port?
View 1 Replies
View Related
Oct 7, 2010
I'm running Ubuntu Server 10.04 32-bit.I'm looking to find if there is anyway I can lock down ubuntu so that remote access, whether it be SSH, ftp, apache.etc can be only accessed from a certain IP range, or a certain set of IPs?Essentially, we'll say the Server IP is 192.168.1.32, and I want the IP addresses 192.168.1.33-50 to be able to access the server, but no other IPs.I am in a switched environment, router's are not allowed to be placed on the network, and I do not have access to a DNS or DHCP server.Is there a way to do this in on the server via a configuration of some sort?
View 3 Replies
View Related
Apr 1, 2011
I've looked around and haven't been able to really understand how to do this yet.How can I set up a SSH user to access a single folder (and it's subfolders) on my system.I want to give my brother access to a folder under /media/Data/FilesBut I don't want him to access any other part of my system.I've set up a user (using useradd and gave him a password but no home directory).I want to have him use SSH to log in to my machine, start in the /media/Data/Files directory, and not be able to get out of that directory - but add/change/delete/etc any of the files.
View 8 Replies
View Related
Apr 8, 2011
Prior to purchasing this Toshiba L675D I was able on my old HP to explore other distros, but there seems to be some incomparability existing with this model that restricts 10.10 but accepts 10.04, kernel thing I assume. But in all other attempts to install, Mint, open Suse etc it loads the kernel then the Live CD freezes on a black screen blinking cursor. Have tried nomodeset with no success. Obviously Toshiba is no help with Linux and win 7 forum even cautions against creating an extended partition. Oh out of the box this baby had 3 primaries, one a recovery and hidden. Just an FYI
View 1 Replies
View Related
May 3, 2011
I was just wondering how do i restrict someone from entering other files. Like other peoples files & the system files. My users are in /home/. I am running ubuntu 10.10.So how do i restrict access to other folders. Because i dont want other people looking inside others files or messing up my linux files.
View 3 Replies
View Related
Apr 7, 2010
I want to restrict SSH so that its only accessible via the machines I own on this network. Obviously need to secure user authentication/host authentication, that aside though is the following sufficient at a network level given technical users also use this network? IP addresses are static, though I know they could be spoofed.
Code:
Chain INPUT (policy DROP)
target prot opt source destination
existing-connections all -- anywhere anywhere
allowed all -- anywhere anywhere
[Code]....
View 4 Replies
View Related
Apr 12, 2010
I will mount a nfs share on a client with fstab. Is there a way to don't allow some users accessto that folder ?
View 4 Replies
View Related
Jun 9, 2010
I'm running a Virtual Box with Ubuntu 9.10 and I'm experimenting with Apache 2.2.12I would like to use the authz_owner module but it is not possible for me to access http://localhost/~b/private/"b" is my username and "private" is the directory definded in the httpd.conf file.My httpd.conf file:
Code:
<Directory /home/*/public_html/private>
AuthType Basic
[code]...
View 2 Replies
View Related
Jul 28, 2010
Everytime I start Rhythmbox it starts to scan my USB HardDrive (which contains 50,000+ files) for media. I searched around, and it seems that there is nothing one can do stop that using any Rhythmbox options, switches, etc. Is there a way to prevent a process (in this case Rhythmbox)from using a certain resource (the path to my USB Drive)? I'm thinking APPArmor or SELinux may be the way to do it.
View 2 Replies
View Related
Aug 28, 2010
I have created my own custom ubuntu distro using the alternate installation cd and doing a command line install. I'm using ubuntu 10.04 as my base and am also using thunar as my file browser and am trying to create a secure desktop environment and to do that I'd like to restrict thunar to a certain partition. Is it possible to do that?
View 9 Replies
View Related
Feb 26, 2011
I would like to allow a user to login through SSH but with differentpermission coming from different ipaddress.For example, a user "tester" login to SSH through 192.168.1.1 andanother user login with the same login id "tester" but from differentip 192.168.1.2.How do I restrict 192.168.1.2 to only allow for viewing the content inthe home directory while giving 192.168.1.1 full access?I got a suggestion from some oneApproach 1) Based on the ip you change the shell. If it's just for read only ajail would be fine.but how do I change shell based on IP?Approach 2) to have two ssh instances. Let's say port 22 and port 24. Port 22 isfor read only, while port 24 is for full accessso how can it be possible to give port 22 only read only access to SSH
View 1 Replies
View Related
Jan 2, 2010
I've been searched for the related topic, but i couldn't found any of them. Basically, i want to set up a server to restrict internet access for other computer (windows box), but allow internet connection for kaspersky to download its database. Here are some questions:
1. Do i need two network card at the server box?
2. There are 8 computers but only 2 are allowed all internet connection, 6 of the rest are not allowed, all windows box can accept connection to download database from kaspersky.
3. Is it Iptables the best, easiest way to configure?
View 4 Replies
View Related
Jun 4, 2010
We just installed Ubuntu latest version (10.04), and what we are willing to do, is restrict the main computer user (none-administrator) to be only able to use web browser (Mozilla Firefox or some other) and that is it. Not allowed to do anything else, apart from this, and shutting down the station. How and where should we apply this type of limitation on a user?
View 4 Replies
View Related
Jul 27, 2010
I am trying to download site using wget :$sudo wget -r -Nc -mk [URL] but it is downloading the contents of all directories and subdirectories under the domain :[URL] (ignoring the 'codejam' directory) so it is downloading from links like : [URL]... i want to restrict the download so that wget command should download only the things under 'codejam' directory
View 9 Replies
View Related
Sep 21, 2010
I am trying to use apparmor to restrict my file browser, which is Thunar to only let me view the files that are in the home directory and also removable media.I tried following the apparmor sticky with no success.I created the profile and tried editing it and it either started and let me do pretty much everything or did not start at all. Would it be possible for someone to help me step by step to set up a profile for thunar that would only show the home directory and removable media.
View 2 Replies
View Related
