 | | | restrict remote logins to service accounts. | restrict remote logins to service accounts. 2006-01-17 - By David.Knight@(protected)
Back
All,
I have an issue with Admins/DBA's logging into my servers directly as
service accounts such as user 'oracle'. I have had a hard time getting
people to adopt the use of sudo. I am at the point where I need to
restrict direct logins to these accounts. My goal is to force people to
sudo to the service accounts from there assigned user account. I only
allow ssh/scp connections to my servers. I have tried the sshd.config
option "AllowUsers" but this also restricts scp logins. I can;t restrict
this for automated processes run under the service accounts use scp. So
the only thing I need to restrict is direct remote "ssh" logins.
Any suggestions would be great.
-David Knight
<br><font size=2 face="sans-serif">All,</font>
<br><font size=2 face="sans-serif">I have an issue with Admins/DBA's logging
into my servers directly as service accounts such as user 'oracle'. I have
had a hard time getting people to adopt the use of sudo. I am at the point
where I need to restrict direct logins to these accounts. My goal is to
force people to sudo to the service accounts from there assigned user account.
I only allow ssh/scp connections to my servers. I have tried the sshd.config
option "AllowUsers" but this also restricts scp logins. I can;t
restrict this for automated processes run under the service accounts use
scp. So the only thing I need to restrict is direct remote "ssh"
logins.</font>
<br><font size=2 face="sans-serif">Any suggestions would be great.</font>
<br>
<br><font size=2 face="sans-serif">-David Knight</font>
<br>
--
Taroon-list mailing list
Taroon-list@(protected)
https://www.redhat.com/mailman/listinfo/taroon-list
|
|
|