i have 2 SUSE Linux Enterprise Server 10 SP1 (i586) boxes.if i take a look into /etc/security/access.conf ,i see following lines at the eof
# All other users should be denied to get access from all sources. #- : ALL : ALL
: myID : ALL
now earlier i had written scripts where files are 'scp'ed from these 2 boxes using 'myID' user but now they don work because of a security constraint.We can see 'myID' being blocked all accesses in above file.
Is there any way ,i can just use 'scp' feature ,without touching/modifying this above entry?
Can i do 'scp' even if my user is present in /etc/security/access.conf (above entry)?
Hello, I hope it's not too late. First, to answer your question - I don't think that with the current configuration you can overcome this security limitation. Probably those rules are enforced by your system administrator, so the best way is to communicate with the responsible person how to achieve your scp task. Probably, you can have a special designated user only for that task that will be allowed only scp from this host to a specific host, if your task's requirements are so simple. Else, perhaps you can go with more advanced rule, such as : -: ALL EXCEPT root user:10.191.4.244 - where IP address is fictional. This line means that ssh will only accept login access from root/user from IP address 10.191.4.244. If that is acceptable, you will need a modifications to PAM file as well.