Gray Race

Asked: 2011-10-04 14:40:10 +0800 CST2011-10-04 14:40:10 +0800 CST 2011-10-04 14:40:10 +0800 CST

How can I determine which users are authenticating via ftp or telnet?

I've inherited a system that has both telnet and ftp enabled. As both these send passwords in cleartext I want to disable them. But many users have never changed their ways to use sftp or ssh. And before I make the change I need to contact them.

What is a good way to see either the number of users or ideally the usernames people are using to login on these services? The best idea I've come up with so far is to grep /var/log/secure. But I'm not sure of what/how to grep this and the high activity has made finding examples difficult. The system is running RHEL 5 if that helps.

Thoughts?

1 Answers

Voted

mailq
2011-10-04T14:51:52+08:002011-10-04T14:51:52+08:00
cat /var/log/auth.log. And then you need some grep fu to extract what you want.
3

How can I determine which users are authenticating via ftp or telnet?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Resolve host name from IP address

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?