Limiting telnet access from an IP address

[michealclark]

Hi guys,
Is there any way possible to limit telnet sessions to AIX from a PC. All of our users login to AIX with the same user account. Sometimes they run multiple sessions from pc which is causing some issues.

Thanks as always for your help,

Micheal

 

[gileb]

hi,

I only know of ssh that you can limit by ip addresses and other stuff - you have to add it on the system, its not there by default. i don't know if it is possible to limit telnet by ip add...

 

[Thief]

Or maybe you can restrict the Number of Times the User can Login;
Smitty --> Security &Users --> Login Controls --> Change / Show Login Attributes for a User --> "xyz user" --> Allowed Login Times

Thief................ :
(I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contact us .)

 

[DSMARWAY]

hi,

Since you say you have all your users login to your system with the same user account , the way you can do it is set a limit i.e. if you have 6 users using the same id e.g fredski
you can say only allow maximum of 12 logins for that user id
so in your .profile , you write a bit of code which checks
how many times the user fredski is logged in and if greater than 12 , print a message out and have an exit in the .profile i.e. something like

USER=$(who | grep -c fredski)
if [[ $USER -gt 12 ]]
then
print " Maximum of twelver users logged in
you cannot login any more etc.."
exit 0
fi

 

[AIX5L]

Hi
Is this a security Question ???
Then give any user their own Account.
You can set the Script from dsmarway as Authentication Method, or put it in the .profile from each user.
If you wont to allow users from only one, ore more IP-Adresse, then the best way is ssh, or host.allow