[clarification] replacing the telnet daemon on Solaris

From: Jerry Kemp (sun.mail.list@oryx.cc)
Date: Tue Sep 18 2007 - 14:19:59 EDT

• Next message: Jerry Kemp: "[SUMMARY] replacing the telnet daemon on Solaris"
• Previous message: Jerry Kemp: "replacing the telnet daemon on Solaris"
• In reply to: Jerry Kemp: "replacing the telnet daemon on Solaris"
• Next in thread: Jerry Kemp: "[SUMMARY] replacing the telnet daemon on Solaris"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hello everyone,

My apologies for my apparently poorly written question.

I have received several replies, one suggesting the /etc/shells, which
list valid shells on the system, and many more suggesting the use of
TCPWRAPPERS. TCPWRAPPERS can restrict host by IP address, network or
domain name.

I need to restrict telnet access by user id.

I have a hand full of servers that, for the time being, will need to
continue to run as a telnet server. And for those servers, a limited
number of user id's need to be able to telnet in. All other user id's
on the system need to be blocked. Much like the "ftpusers" file in FTP.
These are all internal systems and have no Internet access.

As the Sun provided telnet server does not provide this functionality, I
had initially done all of the standard Internet searches, as indicated
below. My searches turned up nothing, hence this question.

Again, thanks to everyone for your replies, and sorry for my poorly
written question.

Jerry K

Jerry K wrote:
> My company is doing a mass removal of telnet services corporate wide, to
> be replaced by SSH. And this is a good thing.
>
> We will have a handful of servers, that due to application issues or
> vendor support issues, will need to retain telnet daemon services and
> will need to be locked down by user id, as to whether they can login to
> a server or not. These systems are all Sparc based running Solaris 8.
>
> Initially, it was suggested to me that xinetd might be able to lock down
> telnet, and it can, just not by user id.
>
> I have done all of the standard searches, i.e. yahoo, Sun BigAdmin,
> freshmeat.net, sourceforge, etc. I have not come across anything that
> can lock down telnet services by user id.
>
> Is anyone else doing something like this? I would appreciate it if you
> can share what you did, or what telnet daemon you used to resolve your
> issue.
>
> As always, I will summarize.
>
> Jerry K
> _______________________________________________
> sunmanagers mailing list
> sunmanagers@sunmanagers.org
> http://www.sunmanagers.org/mailman/listinfo/sunmanagers
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers

• Next message: Jerry Kemp: "[SUMMARY] replacing the telnet daemon on Solaris"
• Previous message: Jerry Kemp: "replacing the telnet daemon on Solaris"
• In reply to: Jerry Kemp: "replacing the telnet daemon on Solaris"
• Next in thread: Jerry Kemp: "[SUMMARY] replacing the telnet daemon on Solaris"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:42:20 EDT