Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

(fwd) disabling remote console

> >>      I should not have been, but I was surprised when I could remotely log
> >> in as root.  I would like to disable this so remote users would have to
> >> log on under their account and then su to do anything as root.  In Solaris
> >> we put a line CONSOLE=/dev/console in the file /etc/default/login.  I
> >> could not find a similar place on my Linux host.  Is there one?
> I think you should have a look at /etc/securetty (list "devices" onto which
> you can log as root - usually should only contain /dev/tty13 ;) ).
> Regarding su, /etc/ttys limits the ports one can use to "su".

Also have a look at PAM, if your're running RedHat >= 4.2

You'll probably want something like this in /etc/pam.d/login as the first

auth	required	/lib/security/

This is really spooky...  I think I'm finally starting to understand
the PAM configuration process.  Time from another LinuxSoup topic...

Subcription/unsubscription/info requests: send e-mail with subject of
"subscribe", "unsubscribe", or "info" to discuss-request at

BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!

Boston Linux & Unix /