anderer@vax1.acs.udel.edu (David G Anderer) (03/30/89)
Setting: A public site with a dozen or so diskless Suns connected to one server. YP in use. Problem: How do I prevent people from getting to the server via TELNET or RLOGIN? There's no reason they should run jobs on the server, and a good one they shouldn't. However, since we're using YP, that implies they must be in /etc/passwd on the server, and thus by definition they have a legitimate account on the server. I'd like to keep YP because it does handle some things well - such as permitting someone to change their password for the entire cluster rather than on a per-machine bases. My one solution was to use some file other than /etc/passwd as the YP passwd map (such as /etc/passwd.clients). That works, except the server then has no knowledge of these accounts, and so things like ls -l on the server are messy because they display user numbers rather than user names. If there a way (short of source) to only allow SOME accounts remote access to the server? Dave Anderer Academic Computing and Instructional Technology University of Delaware