11-19-2007
Quote:
Originally Posted by
andryk
Hey, is it a typo or ... because im able to ban remote login through ssh with PermitRootLogin no.
I belive root login is granted by default (or with PermitRootLogin yes such as your case).
OMG!
You'll have to forgive me guys... English is not my mother language, but still I'm speaking it relatively well.
But in this case i don't know what i was thinking. Of course, i know what Permit means, but somehow i was translating it as Deny.
Of course, it works when i set it to No.
Unbelievable!
Tnx, andryk
10 More Discussions You Might Find Interesting
1. SCO
Hy,
Coud someone tell me how to disable root login via terminal (only from console should be allowed).
There is no ssh installed, only telnet.
I created a user which will have permission to su to root, but now i don't know where and what to modify to disable root login?
SCO OpenServer 5
... (1 Reply)
Discussion started by: veccinho
1 Replies
2. Solaris
I edited my /etc/default/login file and commented the line:
# If CONSOLE is set, root can only login on that device.
# Comment this line out to allow remote login by root.
#
#CONSOLE=/dev/console
I still cant login thru telnet or ssh.
What else do i have to do to be able to login... (14 Replies)
Discussion started by: BG_JrAdmin
14 Replies
3. AIX
Hi,
I want to disable telnet login for root only so that other users can telnet?
Regards,
Manoj (8 Replies)
Discussion started by: manoj.solaris
8 Replies
4. SCO
dear all,
pls give the sollution to disable root login from telnet directly.but it should allow while we type su command (2 Replies)
Discussion started by: prakrithi
2 Replies
5. Solaris
I'm attempting to deny a user's ability to login as root through any remote means - ie telnet or ssh. I've read most of the threads that I can find on this site and I've looked at BigAdmin on Sun's site. I have done what has been suggested here and on BigAdmin which is to make sure that the line... (5 Replies)
Discussion started by: gonzotonka
5 Replies
6. UNIX for Dummies Questions & Answers
we don't have root in our /etc/ftpd/ftpusers and we are getting some pushback from the external auditors about this - specifically as a security risk if a "sniffer" were to catch roots password at the ftp.
What do most shops do - disable ftp for root?
What do you do to get things to the... (3 Replies)
Discussion started by: LisaS
3 Replies
7. UNIX for Dummies Questions & Answers
Hi All,
I have setup a non root user on AIX 5.3, using smit. When I try logging on as that user my login screen just disappears. I am using PUTTY. I login to the same box as root no problems. I have tried re-creating several different usernames but get the same effect I have also telneted from a... (2 Replies)
Discussion started by: hansul
2 Replies
8. Solaris
how to login with ssh to remote system with out applying the remote root/user password
with rlogin we can ujse .rhosts file
but with ssh howits possible
plz guide (2 Replies)
Discussion started by: tv.praveenkumar
2 Replies
9. AIX
I have disabled rlogin for root successfully , but after that i could not login to root from console and could not su to root from other users as it responded as expired account
I did not have any admin user but I have managed to recover the situation by accessing rootvg before mounting it, but... (5 Replies)
Discussion started by: majd_ece
5 Replies
10. UNIX for Advanced & Expert Users
Hi,
As part of the security hardening activity in our team, we have to disable CBC mode cipher encryption, and enable CTR or GCM cipher mode encryption.
To do this, in sshd_config I comment out these lines :
Ciphers aes128-cbc,blowfish-cbc,3des-cbc
MACS hmac-sha1,hmac-md5
and add... (9 Replies)
Discussion started by: anaigini45
9 Replies
netrc(4) Kernel Interfaces Manual netrc(4)
NAME
netrc, .netrc - Specifies automatic login information for ftp
SYNOPSIS
$HOME/.netrc
DESCRIPTION
The .netrc file contains the information used by the automatic login (autologin) feature of the ftp command. It is a hidden file in your
home directory and must be owned by the user logging in, or by the root user. If the .netrc file contains a login password, the file's
permissions must be set to 600 (read and write by owner only).
The .netrc file can contain the following entries (separated by spaces, tabs, or newlines): Where host is the name of a remote host. This
entry begins the definition of the autologin process for the specified host. All following entries up to the next machine entry or the end
of the file apply to that host. This is the same as machine, except that default matches any name. There can be only one default token,
and it must appear after all machine tokens. This is normally used as follows: default login anonymous password user@site The preceding
command line gives the user automatic anonymous ftp login to machines not specified in .netrc. This can be overriden by using the -n flag
to disable autologin. Where user is the username to use at the remote host. If this entry is found, the autologin process initiates a
login using the specified name. If this entry is missing, the autologin process fails. Where password is the login password to be used.
The autologin process supplies this password to the remote server. A login password must be established at the remote host and that pass-
word must be entered in this file, or the autologin process fails and you are prompted for the login password. Where password is the
account password to be used. If this entry is found and an account password is required at the remote host, the autologin process supplies
the password to the remote server. If the remote host requires an account password but this entry is missing, the autologin process
prompts for the account password. Where macro is the name of an ftp subcommand macro. The macro definition starts on the following line
and is defined to contain all of the following ftp subcommands up to the next blank line. If the macro is named init, ftp executes the
macro upon successful completion of the autologin process.
FILES
Contains automatic login information.
RELATED INFORMATION
Commands: ftp(1). delim off
netrc(4)