|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Antonio Galea (ant9000_at_netwise.it)
Date: Thu Jan 16 2003 - 11:32:13 CST
On Thu, 16 Jan 2003, Halldor Björnsson wrote:
> Hi,
> Through /etc/hosts.allow and /etc/hosts.deny it is possible to
> control access of various services based on the remote domain name.
>
> Is it possible further restrict such access to certain users at
> the remote site.
>
> That is instead of allowing say, ssh from
> this.domain.net
> to only allow
> goodUser
this.domain.net...
>
> Any pointers appreciated
>
PAM based authentication allows for a lot more than just that.
Have a look at
http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/pam.html
With the access module and/or the list-file one you should be able to solve
your problem... if the remote site passes you the USERID, that is if it has
an identd running.
Just remember one thing... are you trusting the remote site which is sending
you the remote user credentials? Well, you should't... unless you administer
it :-)
Bye,
Ant9000
-- _____________________________________________________________________________ Dr. Antonio Galea N e t W i s e http://www.netwise.it Sviluppo tecnico Tecnologie per il Web Tel 0461.421016 Fax 0461.426021 ----------------------------------------------------------------------------- GET /default.ida?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX...404 Nope, mate! I run Apache :-) ----------------------------------------------------------------------------- --
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]