[TriLUG] how do I limit log on off Id to thre IP address
    Brian A. Henning 
    lugmail at cheetah.dynip.com
       
    Wed Feb 11 00:56:12 EST 2004
    
    
  
There may be a much better way to do this (I have been known to come up with
arcane--but effective--ways of doing things), but one idea is to edit
/etc/bashrc (or the appropriate global rc file for whatever shell you choose
for your users) and add a script that checks the username (using the output
of a command such as whoami), then checks the IP currently being used by
that user (this can be gleaned from the sshd log, if not from a more direct
source?) against a list (maintained in a db just for fun) and immediately
logs said user off if the IP doesn't match.
I wouldn't be surprised if this idea would also prove to be easily defeated.
I'm no expert, just an idea guy.
The suggestion that just came through as I was typing this about using certs
is a much better suggestion, but I wanted to air my Rube Goldberg concept.
:-)
Cheers,
~Brian
    
    
More information about the TriLUG
mailing list