1

The setting: A remote Linux server with about 10 users running CentOS 6.5. The users use a username/password to connect to the server with PuTTY. Certain users need to have X11 forwarding available, but others do not need and must not be able to use X11 forwarding, but they can login remotely. For the users with X11 forwarding, if they run a GUI application for more than an hour, it is killed automatically.

How can I apply these restrictions?

P.S. I could enable the X11 forwarding by modifying the sshd config file. However, I cannot do the rest.

Improve this question

1 Answer 1

Reset to default
3

You can enable X11 based on group or user.

/etc/ssh/sshd_config :

X11Forwarding no
AllowTcpForwarding no


# Allow group to use X11
Match Group group_name
    X11Forwarding yes
    AllowTcpForwarding yes

# Allow user to use X11
Match User user_name
  X11Forwarding yes
  AllowTcpForwarding yes

You can create a cron job to kill the process after 1 hour (3600 Seconds)

Kill all processes that are running for more than 5 minutes by a given user in linux bash script

kill -9 $(ps -eo comm,pid,etimes | awk '/^procname/ {if ($3 > 3600) { print $2}}')
Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.