COMPGROUPS.NET | Search | Post Question | Groups | Stream | About | Register

How to selectively block SSH connections

  • Follow


I'm posting this question in more than one forum to see if someone can
help me. Please excuse my bad manners but this is a very hot topic
now, at least for me ;)

Hello

I haveto block SSH connections from host A to host B if, and only if,
a certain effective user was used to login into host A.

In details:
1) Host B contains an account named user1.
2) Host A contains many accounts and an account named user2.
3) In host A, account xxx is allowed to sudo to account user2.
4) Someone logs into host B as user1. In that case this authentication
should be accepted.
5) Someone logs into host A using account user2 and then ssh to host B
as user1. In that case this authentication should be accepted.
6) Someone logs into host A using account xxx and then, using sudo,
becomes account user2 and then ssh to host B as user1. In that case,
the tentative to ssh to host B needs to be blocked.

Any ideas?

Cheers,
Andreas
0
Reply afberendsen (1) 8/23/2007 11:00:10 PM

comp.sys.sun.admin 3277 articles. 4 followers.

0 Replies
101 Views

(page loaded in 0.027 seconds)

Similiar Articles:

ssh_exchange_identification: Connection closed by remote host ...
... ssh user1@dive.borneo.com > ssh_exchange_identification: Connection closed by remote host The SSH ... A workaround is to change MaxStartups option, or block the IPs that ...

ssh_exchange_identification: Connection closed by remote host ...
... was to increase the MaxStartups in /etc/sshd_config and block the ... ssh_exchange_identification: Connection closed by remote host ... ssh_exchange_identification ...

How to restrict outbound connections ? - comp.unix.solaris ...
How about a separate SSH proxy between this VPN box and ... Throttling network traffic - comp.arch.embedded... can selectively throttle a node's traffic on a connection ...

TCP connect timeout setting in Solaris - comp.sys.sun.admin ...
However, I see the TCP connect block for 1min. 45 sec. Before the change ... then it ... sleep argument as suitable relative to timeout ... ssh drops idle connections ...

Keithley 2602 Reading Data via TCPIP connection - comp.soft-sys ...
Keithley 2602 Reading Data via TCPIP connection Follow ... Launching matlab remotely via ssh on Windows ... hangup while using DM6430 driver (Analog Input Block) 0 99

login fail block IP - comp.sys.sun.admin
I have been looking for a utility that can block an IP, based of ... ssh_exchange_identification: Connection closed by remote host ... some time when i login to my server ...

Disable telnet for root - comp.unix.solaris
Better yet, disable telnet altogether and use ssh. ... case, I would use TCP wrappers to ensure that connections via ... membership is so that the it may read the disk block ...

How to disable outgoing FTP service? - comp.os.vms
... missed? >> If you need tighter security, you'll need a firewall to block outbound connections ... Disable telnet for root - comp.unix.solaris Turn off telnet/ssh login ...

Fingerprint Recognition - comp.soft-sys.matlab
... and for each keeping only ... 1)I want to sub-block a ... 89:eb: 52:dc:a7. ... ssh_exchange_identification: Connection ... Regards, ... ssh_exchange_identification ...

VPN ASA Authentication to MS CA - comp.dcom.sys.cisco
... range and addressed to the client range block MS ... ... is a virtual private network (VPN) connection using Cisco ... 170 ... to Cisco Systems, Inc ... time-out 60 ip ssh ...

Linux: Openssh (ssh server) deny root user access
How do I block access to root user over ssh session? A.. sshd (OpenSSH Daemon) is the daemon ... Redhat Enterprise Linux 5 / CentOS 5 monitor and track TCP connections on ...

Detecting SSH tunnels « coderrr
It allows you to transparently tunnel all your connections over ssh. This is ... Geek, Privacy, Security New research could allow ISPs to selectively block ...

7/17/2012 12:46:34 PM


Reply:
Privacy Policy | All Times Are GMT(UTC) | powered by