edwardspl@xxxxxxxxxx wrote:
Tom Spec wrote:
What do you mean by "solution"? Do you want to stop people from
logging in when they have the correct password?
You should make your passwords strong enough so that people cannot
(easily) guess/hack them.
Don't allow people to log in as root remotely.
You can limit where people can log in from by using iptables.
Tom
If there is ssh-telnet service for user...
Then is there a solution to fix the problem of hack ( although someone
who know the user's password, but they can't modify / delete any profile
files, so the user who can login to the server nect time again ) ?
eg : limit user profile ( user account ) ?
if so, how to do this ?
Edward.
I think the real solution is to teach your user that it is important not
to let others know his password if he hasn't figured that out himself
yet. And if others do need this access they should have their own
accounts instead of being able to pretend to be someone else.
--
Les Mikesell
lesmikesell@xxxxxxxxx
