Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Deny root remote login help
Operating Systems Solaris Deny root remote login help Post 302105541 by Perderabo on Friday 2nd of February 2007 12:23:28 PM
Old 02-02-2007
"However, I'm still able to remotely login to my machine through telnet and/or ssh."
What is that supposed to mean? The change you made should have fixed telnet. Did it? For ssh, put a DenyUsers line in sshd-config. Do a "man sshd-config" for details.
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

deny ssh from root - how to?

using redhat 7.2 Is it possible to not allow root to ssh into the server remotely, but allow the account that ssh'd in to the box to su to root? This way there is the added security of a hacker needing two passwords to hack your computer, a username/password for a regular account and also the... (3 Replies)
Discussion started by: theDirtiest
3 Replies

2. Answers to Frequently Asked Questions

Lost root password / Can't login as root

We have quite a few threads about this subject. I have collected some of them and arranged them by the OS which is primarily discussed in the thread. That is because the exact procedure depends on the OS involved. What's more, since you often need to interact with the boot process, the... (0 Replies)
Discussion started by: Perderabo
0 Replies

3. AIX

Deny root rlogin

Hi, I have to forbid root-logins on all my servers, expect from two machines, these 2 machines login with root without a password it was quite easy with ssh, but I have a problem regarding rsh/rlogin, an there are a lot of rsh jobs, so it would take a lot of time to change all this... (4 Replies)
Discussion started by: funksen
4 Replies

4. AIX

Problems with disabling remote root login

Hello! I'm going through security checklist for AIX 5.3 and i just can't disable remote login for root through ssh. What i did: - in /etc/security/user i added a line: rlogin = false which works fine when i try to login through telnet - after installation of openSSH i edited... (3 Replies)
Discussion started by: veccinho
3 Replies

5. AIX

Can't login root account due to can't find root shell

Hi, yesterday, I changed root's shell in /etc/passwd, cause a mistake then I can not log in root account (can't find correct shell). I attempted to log in single-mode, however, it prompted for single-mode's password then I type root's password but still can not log in. I'm using AIX 5L version 5.2... (2 Replies)
Discussion started by: neikel
2 Replies

6. AIX

allow / deny root logins

Hello everyone I have to limit the root logins on my aix box (aix 5.3) I change the value on the /etc/security/user default (login and rlogin) change to false and add to root (rlogin and login = false) I tried in different ways but I got the same. Root still can login I try algo... (6 Replies)
Discussion started by: lo-lp-kl
6 Replies

7. Solaris

Remote ssh login as root

I edited my /etc/default/login file and commented the line: # If CONSOLE is set, root can only login on that device. # Comment this line out to allow remote login by root. # #CONSOLE=/dev/console I still cant login thru telnet or ssh. What else do i have to do to be able to login... (14 Replies)
Discussion started by: BG_JrAdmin
14 Replies

8. BSD

Deny logon for x hours if login failed x times

Hello, I have a small inquiry. Sometimes, my good friend, Charlie Root, sends me security notifications that a possible breakin attempt has occured. It looks like this: Oct 29 06:58:17 cigva sshd: reverse mapping checking getaddrinfo for 180.144.164.220.broad.sm.yn.dynamic.163data.com.cn ... (2 Replies)
Discussion started by: brightstorm
2 Replies

9. Linux

How to find remote Linux box login account without login in to that box?

Hi, How to find remote Linux box login account without login in to that box? I don't have login account at my remote Linux box. But I need who are all having login account. How do I findout? Thanks, --Muthu. (3 Replies)
Discussion started by: Muthuselvan
3 Replies

10. Solaris

how to login with ssh to remote system with out applying the remote root/usr password

how to login with ssh to remote system with out applying the remote root/user password with rlogin we can ujse .rhosts file but with ssh howits possible plz guide (2 Replies)
Discussion started by: tv.praveenkumar
2 Replies

LEARN ABOUT REDHAT

mkxauth

mkxauth(1x)							Linux User's Manual						       mkxauth(1x)

NAME

       mkxauth - create and merge .Xauthority files

SYNOPSIS(1) mkxauth [ -q ] [ -u login ] -c [ host [ host ... ] ]

       (2) mkxauth [ -q ] [ -u login ] -m login(3) mkxauth [ -q ] [ -u login ] -f host(4) mkxauth [ -q ] [ -u login ] -r host [ -l login ]

       (5) mkxauth [ -q ] [ -u login ] -z host [ -l login ]

DESCRIPTION

       mkxauth	aids  in the creation and maintenance of X authentication databases (.Xauthority files).  Use it to create a ~/.Xauthority file or
       merge keys from another local or remote .Xauthority file.  Remote .Xauthority files can be  retrieved  via  FTP	(using	ncftp(1))  or  via
       rsh(1).	For a slight measure of security, mkxauth does not create any temporary files containing authentication keys (although anyone spy-
       ing on network packets can see the authentication key data as they pass	through  the  network;	for  secure  network  communications,  use
       ssh(1)).

   Creating and Adding to a .Xauthority File
       To  create  a .Xauthority file, use mkxauth -c (see(1) above).	mkxauth creates a .Xauthority file in the user's home directory (~/), con-
       taining a `key' or `magic cookie' for the host it was run on (the one returned by hostname(1)).	If a .Xauthority file already exists,  the
       keys are added to it.  If keys for that host already exist, they are replaced.

       To  create  or add to a .Xauthority file for another user, use mkxauth -u login -c.  mkxauth adds keys to ~login/.Xauthority (only the root
       user is allowed to do this).

       To add a key for more than one host, specify all hosts on the command line: mkxauth -c daffy porky bugs.  All hosts specified on  the  same
       command line receive the same key.  To create different keys for multiple hosts, run mkxauth for each host in succession:

	      mkxauth -c daffy
	      mkxauth -c porky
	      mkxauth -c bugs

   Merging Keys from Local .Xauthority Files
       To  merge keys from another local user's .Xauthority file, use mkxauth -m login (see(2) above).  mkxauth adds the keys in ~login/.Xauthor-
       ity to ~/.Xauthority, replacing any keys which already exist.  ~login/.Xauthority must be readable by the user  running	mkxauth  (normally
       only the root user can read other people's .Xauthority files).

   Merging Keys via FTP
       To  merge  keys from a remote .Xauthority file via FTP, use mkxauth -f host (see(3) above).  mkxauth retrieves the remote .Xauthority from
       host using ncftp(1) and adds those keys to ~/.Xauthority, replacing any keys which already exist.  [NOTE: you must have a ~/.netrc file set
       up to automatically log you into host, otherwise the FTP login attempt will fail.]

   Merging Keys via rsh(1)
       To  merge keys from remote .Xauthority file via rsh(1), use mkxauth -r host (see(4) above).  mkxauth retrieves the remote .Xauthority from
       host using rsh(1) and adds those keys to ~/.Xauthority, replacing any keys which already exist.	To login  as  a  different  user,  use	-l
       login.  [NOTE: you must have a .rhosts file set up properly for this to work, otherwise the remote login attempt will fail].

   Merging Keys via rsh(1) and gzip(1)
       If  your  remote  .Xauthority file is large, or to make it slightly less obvious that you're transferring authentication keys over the net-
       work, mkxauth can gzip(1) your .Xauthority file before retrieving it via rsh(1).  To do this, use mkxauth -z host (see(5) above).  mkxauth
       retrieves  the  remote .Xauthority from host using rsh(1) and adds those keys to ~/.Xauthority, replacing any keys which already exist.	To
       login as a different user, use -l login.  [NOTE: you must have a .rhosts file set up properly for this to work, otherwise the remote  login
       attempt will fail].

   Options
       To make mkxauth operate quietly, use the -q option.

       To add to ~login/.Xauthority, use the -u login option.

       To use login for the remote login in mkxauth -f, mkxauth -r, and mkxauth -z, use the -l login option.

   Getting Help
       To get quick help about mkxauth, use mkxauth --help.

FILES

       ~/.Xauthority
       ~/.netrc
       ~/.rhosts

COMMENTS

       mkxauth	is mostly useful for maintaining .Xauthority files in an environment which uses startx(1x).  xdm(1x) uses its own method of gener-
       ating .Xauthority files.  However, mkxauth is still useful for transferring .Xauthority information to remote login sessions  so  that  the
       user can display remote X clients on the local host without too much trouble.

       Note,  however,	that  using  rsh(1)  is  inherently  insecure,	and  sites  concerned  about  security	should	use  ssh(1)  instead  (see
       http://www.cs.hut.fi/ssh/ for more information).

SEE ALSO

       X(1x), Xsecurity(1x), gzip(1), mcookie(1), md5sum(1), ncftp(1), rsh(1), startx(1x), xauth(1x), xdm(1x)

BUGS

       Does not respect the XAUTHORITY environment variable.

AUTHOR

       Conceived and written by Jim Knoble <jmknoble@redhat.com>.  Copyright 1996 by Jim Knoble and Red Hat Software.  Distributed under  the  GNU
       GPL (General Public License); see ftp://prep.ai.mit.edu/pub/gnu/COPYING for more information.

Red Hat Software						    12-Dec-1996 						       mkxauth(1x)
All times are GMT -4. The time now is 10:21 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy