Login or Register to Ask a Question and Join Our Community


AIX

Block root user in system console - aix 5.3

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems AIX Block root user in system console - aix 5.3
# 1  
Old 11-24-2010
Block root user in system console - aix 5.3
How to block the root user login in system direct console. Users should login with non-root ids themselves and then use the su command to become root. Which configuration file i need to check and disable it.
# 2  
Old 11-24-2010
There seems to be some fundamental misunderstanding: the "console" is a directly attached terminal which is used for emergencies (like network connections being all down and the like).

As you use it in cases of emergency only and you can easily physically protect it (it is perhaps in the immediate vicinity of the system itself) you don't want to hinder roots access via this terminal. You would only unnecessarily complicate your work in cases of emergency.

bakunin
# 3  
Old 11-24-2010
if you want to disable ssh login
than in sshd_config file add this line
Code:
PermitRootLogin no

# 4  
Old 11-24-2010
bakunin, Yes, i know that, but i was forced to do this. Can you help me on this
# 5  
Old 11-24-2010
Still not sure that this is such a great idea - the virtual only time I ever use direct console access to any of my lpars is because scsu (or even a normal userlogin) does not work. Via console I do not have to do that so I can fix my problem ... if you really want a securized root than you might rather want to put the password into a virtual save where you need additional approval to get it, than forbid direct login - our root password is in a virtual safe and changed each time it had been used ...
Regards
zxmaus
# 6  
Old 11-24-2010
this might work. you can also limit which users can su with the sugroups attribute

Code:
chuser -a login=false root
chuser -a rlogin=false root

Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. AIX

What are the ideal ulimit settings for root user in AIX?

Hi, what are the ideal/best/recommended ulimit settings for a root user in AIX? I understand that it depends on our environment. But I would like to know...what are settings you guys use in your environment for best performance. default: fsize = 2097151 core = 2097151 ... (8 Replies)
Discussion started by: System Admin 77
8 Replies

2. AIX

List of AIX commands that can be run by ROOT user ONLY

Hello, I am testing sudo and I want to test it. Can anyone please let me know few commands (of course other than shutdown, reboot etc. as I can't reboot the box) on AIX that can be run by ROOT only. Thanks ---------- Post updated at 07:43 PM ---------- Previous update was at 07:38 PM... (5 Replies)
Discussion started by: prvnrk
5 Replies

3. AIX

AIX 0557 error The root file system does not mount

Hi, on running system, a disk was added hdiskx then importvg -y oraclevg hdiskx but hdiskx was actually a rootvg so since rootvg was already present in the existing system this happened Imported hdisk2 which was rootvg as importvg -y oraclevg hdisk2 in server since rootvg already... (1 Reply)
Discussion started by: filosophizer
1 Replies

4. Solaris

Migration of system having UFS root FS with zones root to ZFS root FS

Hi All After downloading ZFS documentation from oracle site, I am able to successfully migrate UFS root FS without zones to ZFS root FS. But in case of UFS root file system with zones , I am successfully able to migrate global zone to zfs root file system but zone are still in UFS root file... (2 Replies)
Discussion started by: sb200
2 Replies

5. Emergency UNIX and Linux Support

Reset AIX root password without shutting down the system

Hi All, I'm stuck in a severe problem here , Someone have changed the root password and he cannot remember it and there is no other user privileged user on the system , But I do have access to a non privileged user. On the top of the system an application which requires a theoretical ... (5 Replies)
Discussion started by: h@foorsa.biz
5 Replies

6. AIX

cant su to user or root AIX 5.3

Hi all, I cannt use 'su' to login to root or any other users though everything seems ok. I read some articles that says if you do recursive chmod 777 on /usr it can create this problem. I did the same. can anybody tell me how to repair it. Any ideas will be appreciated. thnks (7 Replies)
Discussion started by: itesh.dash
7 Replies

7. AIX

How can I authorize a non-root user to do a system backup with 'mksysb'?

I use AIX 5.2 I want to allow a non-root user to do a system backup with 'mksysb' command. I try to add 'ManageBackup' Role to that non-root user but it have an error "ksh: mksysb: 0403-006 Execute permission denied." What should I do? (8 Replies)
Discussion started by: AIX122
8 Replies

8. Solaris

Want to block ftp for root user

Hi Friends, I would like to block the root user for doing ftp. As I am aware that I need to put the entry for root in /etc/ftpusers.....am I right...??? But I am not able to edit the file & even more command is not working. #ls -l ftp* total 14 -rw-r--r-- 1 root sys 1249 Jun... (3 Replies)
Discussion started by: jumadhiya
3 Replies

9. AIX

AIX v.5.1 - system and user data backup

Hi everyone, I have no AIX experience at all. We have an IBM Server running AIX v.5.1. The server has a DDS-4 tape drive. I need to take complete system and user data backup.Should be able to restore the system and the user data in the event of system corruption or disaster. I was told that for... (5 Replies)
Discussion started by: Sezgin
5 Replies

10. UNIX for Dummies Questions & Answers

booting up but the system was waiting for user interaction at console

Hi all, My ssytem is mounted on a rack and not connected with any console. When I rebooted it remotely, it didn't go thru the bootup process. when I connect my laptop to the system locally and found that it was waiting for user interaction. Do you know how to disable it, so that it will boot... (1 Reply)
Discussion started by: stancwong
1 Replies
Login or Register to Ask a Question