 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
> >> I should not have been, but I was surprised when I could remotely log > >> in as root. I would like to disable this so remote users would have to > >> log on under their account and then su to do anything as root. In Solaris > >> we put a line CONSOLE=/dev/console in the file /etc/default/login. I > >> could not find a similar place on my Linux host. Is there one? > > I think you should have a look at /etc/securetty (list "devices" onto which > you can log as root - usually should only contain /dev/tty13 ;) ). > Regarding su, /etc/ttys limits the ports one can use to "su". > Also have a look at PAM, if your're running RedHat >= 4.2 You'll probably want something like this in /etc/pam.d/login as the first line: auth required /lib/security/apm_securetty.so This is really spooky... I think I'm finally starting to understand the PAM configuration process. Time from another LinuxSoup topic... *** Subcription/unsubscription/info requests: send e-mail with subject of "subscribe", "unsubscribe", or "info" to discuss-request at blu.org
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
