AnsweredAssumed Answered

Host and Loginappl together

Question asked by lu.ga01 Employee on Mar 30, 2017
Latest reply on Mar 30, 2017 by lu.ga01

I am searching a solution for a request of a customer. Right now, he uses loginappl to control who can login from any machine. For instance,

auth LOGINAPPL ssh gid(sysadmin) acc(X)

Unfortunately, he cannot use loginappl to control where the login request comes from.

Now, he needs to allow any users connected from a specific host, for instance, hermes via ssh. I think to use a rule like,

authorize TCP ssh uid(*) host(hermes) access(write)

 

Can these two policies work together to meet the request of the customer? When a ssh request from hermes, it is allowed for any user. When the request from other hosts, loginappl will control.

Thanks

Outcomes