Hey all. I'm working on limiting telnet access to one user on my system (with a restricted shell) by way of inserting a simple test condition in the .profile of all user directories. However, I'm having real trouble getting this script changed over to a format that the .cshrc or .login can use. There are a few accounts that use csh you see (including me) so this won't work unless I can somehow get the syntax changed into a format that it'll understand. The part I've added to .profile files for ksh users is: IS_SSH="`echo $SSH_TTY`" if [ -z "$IS_SSH" ] ; then echo "WARNING: User not on SSH TERMINAL!" exit fi This basically checks to see if the user is connected via ssh (As SSH_TTY will be set to the term name), and if they aren't (ie: SSH_TTY is empty), the user gets kicked off. Could come kind soul help me out on how to get this working with the .cshrc too? It doesn't seem to like multiple if statements so I'm confused :S Many thanks for any help.

Also... I should say, I think I could figure this out for myself if someone could tell me how to avoid csh throwing a hissy fit when a variable is not defined previously. The whole "SSH_TTY: Undefined variable" Thing is getting in the way somewhat. Even trying to output to a file or /dev/null doesn't help :( Again, thanks in advance.

Doh, no matter, I figured out I had to do this: if ($?SSH_TTY) then echo "You're on SSH" else echo "You're not on SSH" endif basically, csh is a real pain in the arse to script with as it parses and evaluates the whole line, hence will abort on a variable that isn't set... grrr.. Just to document this for anyone else that wants to do it, just use that script at the top for ksh and bourne shell users, and place the small script above these 2 paragraphs at the start of the .login of a csh user. You can remove/edit as appropriate to control which users can use ssh or telnet. :) I'll test for any exploits later, but I think it should be pretty safe seeing as they are run in the actual login scripts.