09-16-2002
Prevent root login directly
Hi
How can I prevent anyone from logging in as root directly? I have added the line
console=/dev/null
to the file /etc/default/login
I was still able to login as root from the console. Please advice.
Thanks
Srini
9 More Discussions You Might Find Interesting
1. Answers to Frequently Asked Questions
We have quite a few threads about this subject. I have collected some of them and arranged them by the OS which is primarily discussed in the thread. That is because the exact procedure depends on the OS involved. What's more, since you often need to interact with the boot process, the... (0 Replies)
Discussion started by: Perderabo
0 Replies
2. UNIX for Dummies Questions & Answers
How to prevent root users from editing files (logs)? Is there any way? (4 Replies)
Discussion started by: vehchi
4 Replies
3. UNIX for Advanced & Expert Users
We have a shared development box, running Solaris 10 that is an NIS client, all the developers have local root password. If they know the NIS uid of another user, they can just do
% useradd -u <uid> login
And then log in as that user and have full access to his files in his home directory. ... (3 Replies)
Discussion started by: nfw
3 Replies
4. AIX
Hi, yesterday, I changed root's shell in /etc/passwd, cause a mistake then I can not log in root account (can't find correct shell). I attempted to log in single-mode, however, it prompted for single-mode's password then I type root's password but still can not log in.
I'm using AIX 5L version 5.2... (2 Replies)
Discussion started by: neikel
2 Replies
5. HP-UX
HI,
We are facing a problem while trying to login using ssh.
The user is able to login using telnet.
We are able to login as another user using ssh and then su to that user which is successfull.
What should i be checking for the user to be able to login directly using ssh.
Thanks in... (2 Replies)
Discussion started by: sag71155
2 Replies
6. Solaris
I would like to know how to prevent users connecting to a server using SSH as root.
I would still like them to be able to login with their username and then change to su.
But I would like to prevent them logging in directly as root.
I have searched the forum and read that I should set... (3 Replies)
Discussion started by: Sepia
3 Replies
7. Red Hat
Is there any method by which fedora 13 can be boot directly from root?? (4 Replies)
Discussion started by: sony star
4 Replies
8. Red Hat
Hi,
I find there is some customized linux with application.
When I use login account root and type the password.
It is not allow to login.
But if I login with specified user and password.
Then I use command "su - " and type root passwd.
It allow you to switch to "root" account .
Or if i... (14 Replies)
Discussion started by: chuikingman
14 Replies
9. UNIX for Advanced & Expert Users
Hi Experts,
Need your support
Redhat 6.5
I want to create a user with all(read, write, execute) privileges except that user should not be able to create any new user from his login
to perform any task. (10 Replies)
Discussion started by: as7951
10 Replies
LEARN ABOUT CENTOS
logindevperm
logindevperm(4) File Formats logindevperm(4)
NAME
logindevperm, fbtab - login-based device permissions
SYNOPSIS
/etc/logindevperm
DESCRIPTION
The /etc/logindevperm file contains information that is used by login(1) and ttymon(1M) to change the owner, group, and permissions of
devices upon logging into or out of a console device. By default, this file contains lines for the keyboard, mouse, audio, and frame buffer
devices.
The owner of the devices listed in /etc/logindevperm is set to the owner of the console by login(1). The group of the devices is set to the
owner's group specified in /etc/passwd. The permissions are set as specified in /etc/logindevperm.
Fields are separated by TAB and/or SPACE characters. Blank lines and comments can appear anywhere in the file; comments start with a hash-
mark, ` # ', and continue to the end of the line.
The first field specifies the name of a console device (for example, /dev/console). The second field specifies the permissions to which the
devices in the device_list field (third field) will be set. These permissions must be expressed in octal format. For example, O774. A
device_list is a colon-separated list of device names. Note that a device name must be a /dev link. A device entry that is a directory
name and ends with "/*" specifies all entries in the directory (except "." and ".."). For example, "/dev/fbs/*" specifies all frame buffer
devices.
Once the devices are owned by the user, their permissions and ownership can be changed using chmod(1) and chown(1), as with any other user-
owned file.
Upon logout the owner and group of these devices will be reset by ttymon(1M) to owner root and root's group as specified in /etc/passwd
(typically other). The permissions are set as specified in the /etc/logindevperm file.
FILES
/etc/passwd File that contains user group information.
SEE ALSO
chmod(1), chown(1), login(1), ttymon(1M), passwd(4)
NOTES
/etc/logindevperm provides a superset of the functionality provided by /etc/fbtab in SunOS 4.x releases.
SunOS 5.10 22 Oct 2003 logindevperm(4)