At 22:41 07/06/2000 +0200, Marco Calistri wrote:
>1) How to add a User-ID to linux,with full permissions,
> but avoiding the risks of using "root" as Login ?
adduser as usually (using command "useradd new-login").
Then supply password for new user (using command "passwd new-login").
Edit /etc/passwd at new user line. Change user group id (gid) with 0 (equal
to root, but it is not root, since root have user id 0).
>2) How to configure Telnet and FTP access permission to
> Linux Servers (Red Hat 6.0) from localhost and from
> a "lan" machine having a private "192.168.." i.p.a. ?
Since telnetd (telnet daemon) and ftpd (ftp daemon) using inetd (super
server), you can restrict your LAN access by editing your /etc/hosts.allow
and /etc/hosts.deny.
At /etc/hosts.allow just add lines, example:
in.telnetd: 192.168.1. #Segment that allow to access your machine with telnet
in.ftpd: 192.168.1. #segment that allow to access your machine with ftp
At /etc/hosts.deny add lines, example:
in.telnetd: 192.168.2. #segment that not allowed to access your machine via
telnet
in.ftpd: 192.168.2 #segment that not allowed to access your machine via ftp
Notes: /etc/hosts.allow used to allowing some (small part) machine or
segments to your machine. It means, there is more machine or segments that
not allowed to access your computer. For /etc/hosts.deny is vice versa.
Many hosts are allowed yo access your machine, but there is hosts or
segments that not allowed to access your machines.
Default is all segments are allowed, so the files look likes:
/etc/hosts.allow
ALL: ALL
and for /etc/hosts.deny is blank or no entry.
For more information, you can display manual for inetd (man inetd).
With best wishes,
Wahyu Kelik C
