Security Basics mailing list archives
Re: Restricting logins by IP address
From: Alexander Klimov <alserkli () inbox ru>
Date: Tue, 25 Oct 2005 00:05:35 +0200 (IST)
On 10/19/05, Keenan Smith <kc_smith () clark net> wrote:Similar to the way root can be restricted to logging in only at the console, is it possible to restrict logins by regular users to specific IP addresses? What I've got is a directory "ABC" and a user "Larry". I setup Larry to have ABC as his home directory. What I want to do is restrict Larry's login to a specific IP address so if he attempts a login from computer "123" it will succeed but if he tries from computer 456, it will fail.
On Fri, 21 Oct 2005, ilaiy wrote:
Try using /etc/hosts.allow Give the IP address of which you would want to allow and your /etc/hosts.deny should look like this ALL: ALL
Yes, tcp wrappers is a good solution if it is really what you need. Unfortunately, it does not solve the stated problem (at least, not how I understood it): it allows you to limit *all* the connection to a set of IPs, but it does not allow to restrict Larry's logins to one IP, and John's logins to some other IP. -- Regards, ASK
Current thread:
- Re: OS to know., (continued)
- Re: OS to know. John Melton (Oct 17)
- RE: OS to know. Security (Oct 17)
- Re: OS to know. Mark Owen (Oct 14)
- Re: OS to know. Michael Gale (Oct 31)
- Re: OS to know. Adam Kane (Oct 31)
- RE: OS to know. Depp, Dennis M. (Oct 18)
- Re: OS to know. Alloishus BeauMains (Oct 18)
- Re: OS to know. Kurt (Oct 18)
- Restricting logins by IP address Keenan Smith (Oct 21)
- Re: Restricting logins by IP address ilaiy (Oct 24)
- Re: Restricting logins by IP address Alexander Klimov (Oct 25)
- Re: Restricting logins by IP address Justin (Oct 24)
- Re: Restricting logins by IP address Netops (Oct 31)
- Re: OS to know. Netops (Oct 31)