restricting ssh login based on IP

Steven Miano mianosm at gmail.com
Sun Feb 27 01:53:45 UTC 2011


If you can do it with two users, this would be a good time to use the
permission system.

Owner having 7 (read/write/execute), and Group having 5 (read and execute).

I think everyone on the list would like to know the reasoning behind using
the same user account.

On Sat, Feb 26, 2011 at 04:31, Michael Zoet <Michael.Zoet at zoet.de> wrote:

>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Am 26.02.2011 10:21, schrieb Tapas Mishra:
> > On Sat, Feb 26, 2011 at 1:39 PM, Dan Sheffner <dsheffner at gmail.com>
> wrote:
> >> Like Michael said I would accomplish this with two users. Just off the
> top
> >> of my head I would do:
> > No not two users it has to be same user who has to be restricted based
> > on IP from which he logs in.
>
> Normally I would say it is impossible, but I do not know everything
> about PAM, jails and so on. The file system persmissions are not based
> on the IP a user came from, so you need to tweak a lot! If I really
> had to do such things I would write a shell script that looks up from
> where the user came and setup the enviromnet accordingly and make this
> shell script the login shell. But this is lot of work and someone has
> to be very carefull...
>
> Michael
>
>
>
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.10 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iEYEARECAAYFAk1oyIAACgkQBvfZ5167qr/7vwCgziXRzhrZQ/85Sd7k6a0/+owh
> +JwAoIPnp+SqEKzSHBCEaMDQ+1pDoUF2
> =2fWg
> -----END PGP SIGNATURE-----
>
>
> --
> ubuntu-server mailing list
> ubuntu-server at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
> More info: https://wiki.ubuntu.com/ServerTeam
>



-- 
Miano, Steven M.
   727.244.9990
<http://stevenmiano.com>       <http://facebook.com/mianosm>
<http://twitter.com/mianosm>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-server/attachments/20110226/c9b27292/attachment.html>


More information about the ubuntu-server mailing list