Ping a Specific Port

Question

Tom Marthenal

Asked: 2012-07-28 11:09:34 +0800 CST2012-07-28 11:09:34 +0800 CST 2012-07-28 11:09:34 +0800 CST

How to prevent use of `w` and `who` on shared webhosts

772

We are in the process of setting up a hosting machine that clients will have SSH access to. We don't want them to be able to see a list of user accounts, but the problem we have run into are commands like w and who.

We could disable those, but then they could just bring their own binary. I just tried on a shared webhost, and I was the only user who showed up in w, even though it's a large shared box and I doubt I'm the only one on.

How can I prevent users from seeing who else has logged in via SSH?

2 Answers

Voted

Matthew Ife · Answer 1 · 2012-07-28T11:16:48+08:00

Best Answer

Matthew Ife

2012-07-28T11:16:48+08:002012-07-28T11:16:48+08:00

w and who basically read the data from /var/run/utmp. If you change the permissions of it to say 660 that will prevent users being able to read it.

3

Lucas Kauffman · Answer 2 · 2012-07-28T11:13:09+08:00

Lucas Kauffman

2012-07-28T11:13:09+08:002012-07-28T11:13:09+08:00

You can disable the command by running chmod 700 /usr/bin/who. I'd do this in addition to Mlfe's answer.

This will disable execution for all users except root.

0

How to prevent use of `w` and `who` on shared webhosts

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?