Date: Mon, 13 Apr 1998 17:11:52 -0400 (EDT) From: gsutter@pobox.com To: freebsd-questions@FreeBSD.ORG Subject: Re: Forced logoff Message-ID: <Pine.BSF.3.96.980413170325.19093G-100000@mph124b.rh.psu.edu> In-Reply-To: <3.0.5.32.19980413134702.00962cc0@207.213.224.25>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 13 Apr 1998, Dima Dorfman wrote:
>That's not really what I'm looking for. Let's say, there is a user that is
>about to break into your system. You _could_ use 'shutdown -k', but let's
>say that your boss is writing a very important document, and he's not
>autosaving it. You log everyone off, and your boss kills you because he
>needs to write it all over again.
>
>I'm looking to kick one user at a time.
Well, you could just kill their shell. That'll do a pretty good job.
You could kill all their processes with something like
ps -aux | grep username | awk '{print $2}' | xargs kill
Or you could lock them out, as should be done with any user trying to
crack root, by killing all their processes and then disabling their
ability to log in. There are several methods of doing that; one that I
like is using "vipw" to edit the password file and inserting a *
character at the beginning of their (encrypted) password. That way, if
it was an innocent mistake and things can be sorted out, you can just
re-edit the file, deleting the *, allowing them to use their original
password.
HTH.
GReg
--
Gregory S. Sutter "How do I read this file?"
mailto:gsutter@pobox.com "You uudecode it."
http://www.pobox.com/~gsutter/ "I I I decode it?"
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980413170325.19093G-100000>