Which brings us back to the ultimate question of "what are you actually trying to achieve?". You can bypass any of these by loading a separate OS from a pendrive or DVD and then enable access to the computer. But then your user can tunnel traffic over non-traditional ports. If it's serial multiple users (rather than parallel) then you could have a firewall script run on login for non-priveleged users and disable various traffic. Removing the execute and/or read bits on the client binaries for, eg, ssh will prevent a user from accessing it - however they could just install a new client if you leave them with install rights. what is the OP actually trying to do, stop a user from accessing clients with remote capabilities? Turn off all internet access? Are you realy wanting to prevent incoming access to ports used for remote access ? LE2: hosts_access supports usernames too, but AFAIK this is insecure. And because SSH is secure, you’re putting a secure. ![]() Because the original connection came from the remote computer to you, using it to go in the other direction is using it in reverse. Compared to iptables, the advantage is that you don't need to know the ports of the services, but not all services support this mechanism. Reverse SSH tunneling allows you to use that established connection to set up a new connection from your local computer back to the remote computer. Manually, I would log in using ssh and then run the commands. At the moment, I'm doing calls like this: cmd 'some unix command' retcode subprocess.call (cmd,shellTrue) However, I need to run some commands on a remote machine. In case you dont have it, you can install it by: Start -> Control Panel -> Putty (SSH For Windows). You'll need to edit /etc/hosts.allow and /etc/ny for this. 207 I'm writing a script to automate some command line commands in Python. On windows platforms the supported SSH client is Putty. LE: A couple of network services including RPC (used by NFS) and SSH, use the hosts_access mechanism ( man hosts_access) for host based authentication/authorization.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |