On Mon, Mar 19, 2001 at 07:05:58AM -0500, Rishi L Khan wrote: > I when you say "their account" do you mean they have an account on the > machine you're seeting up accounts for? Or is this machine some kind of > "public kiosk" where anyone can get on?
Yes, it is a kind of "public kiosk". Nobody has logins at the location, but they can use it to access their acounts somewhere. > Allowing anyone to telnet in is a BAD idea. That means a script kiddie > from Belguim can telnet in. If you want to set up a public setup, make a > username and password, and just post it. > > Also, this doesn't require the telnet or ssh daemon to be running (unless > you need them for something else). I don't need them. Nobody will telnet to this machine. > Another solution is use NIS and have everyone's account information in one > location, and share it across the machines. > > -rishi > > On Mon, 19 Mar 2001, Pedro Zorzenon Neto wrote: > > > Hi, > > > > I'd like anyone to be able to use the local keyboard of some machines to > > telnet/ssh to any other machine and use their account on the other machine. > > > > A simple solution would be create one acount for user "anyone" without > > password and restrict its login with rbash to use just telnet/ssh. Also > > disallow ftp for user "anyone". > > Do you think this is a good solution? Does it opens some security hole?