Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[AllenK]

We are trying to lock down a particular unix user-id to a specific PC.  PC running WIN-XP and Unix running SCO 5.0.6 and using ICE-Pro 5.1.06.  We have everything working using the auto logon feature of ICE-Pro.  The problem is that some of the users have figured out that if they interrupt the logon process by pressing some keys while the logon process is going on that it will make Unix fail the logon and come back and ask for another logon and then the user can logon as anyone they want.  We really need to lock this station to one user-id.  SOX and all that you know.  Because they are coming in on the network, we can't tie them down to a particular tty line.  Any help would be appreciated.

[Bob]

I did an extensive search on this. There seems to be no way to easily limit this in SCO unix.

It can be done easily in linux. In /etc/login.defs one can change the line LOGIN_RETRIES to:
LOGIN_RETRIES           0

If the users machines are on fixed addresses you could write a script called by the users .profile or by a /etc/profile entry, that pulls their ip address from the emulation and compares it and the $USER from the environment to see if they are allowed to login.

For example:
#!/bin/sh
echo  "\033[0]\c"
read  address
echo $address
echo $USER

This will printout the login users IP address and name.  A complete script would first check to see that an address is returned and just exit if not (only ICE will return an address, a console or xterm session will not).
Then, check to make sure when an ip address is X the user name is Y otherwise logout.

[AllenK]

Thank you Bob.  This gives me enough to develop a solution that will work for me.

Again thanks for the help.