08-11-2008
On my Ubuntu Linux machine I can do this by editing /etc/securetty and commenting out all entries except for tty1 through tty8.
**EDIT - Sorry, I didn't realise this was in the SCO section, maybe someone should delete my post. Apologies.
10 More Discussions You Might Find Interesting
1. SCO
Hy,
Coud someone tell me how to disable root login via terminal (only from console should be allowed).
There is no ssh installed, only telnet.
I created a user which will have permission to su to root, but now i don't know where and what to modify to disable root login?
SCO OpenServer 5
... (1 Reply)
Discussion started by: veccinho
1 Replies
2. AIX
Hello!
I'm going through security checklist for AIX 5.3 and i just can't disable remote login for root through ssh.
What i did:
- in /etc/security/user i added a line:
rlogin = false
which works fine when i try to login through telnet
- after installation of openSSH i edited... (3 Replies)
Discussion started by: veccinho
3 Replies
3. AIX
Hi,
I want to disable telnet login for root only so that other users can telnet?
Regards,
Manoj (8 Replies)
Discussion started by: manoj.solaris
8 Replies
4. UNIX for Dummies Questions & Answers
we don't have root in our /etc/ftpd/ftpusers and we are getting some pushback from the external auditors about this - specifically as a security risk if a "sniffer" were to catch roots password at the ftp.
What do most shops do - disable ftp for root?
What do you do to get things to the... (3 Replies)
Discussion started by: LisaS
3 Replies
5. UNIX for Dummies Questions & Answers
hi
i am new to unix and i have abig task. i have to \run particular commands having root privileges from a non root user. i know sudo is one of the way but i need sum other approach kindly help
Thanks (5 Replies)
Discussion started by: suryashikha
5 Replies
6. Red Hat
Hello everybody, we have a NIS User lsfadmin which gets his environment variables from the autmount /home/lsfadmin.
A newer version of the application needs a different environment to launch the application.
I can't change the environment of the NIS User because we use NIS company wide for... (0 Replies)
Discussion started by: sdohn
0 Replies
7. UNIX for Dummies Questions & Answers
I've been through many threads before i decide to create a separate thread.
I can't really find the solution to my (simple) problem.
Here's what I'm trying to achieve:
As "canar" user I want to run a command, let's say "/opt/ocaml/bin/ocaml" as "duck" user.
The only to achieve this is to... (1 Reply)
Discussion started by: canar
1 Replies
8. AIX
Hello everyone,
Can anyone help me please. I want to disable SSH direct access for an AIX user.
For example, if I have USER1 and USER2. I want to disactivate direct access for USER2. The user must enter his login (USER1) and his password and then he can do su - USER2 .
Thanks, (3 Replies)
Discussion started by: adilyos
3 Replies
9. UNIX for Advanced & Expert Users
Hi!! one strange problem occurred with my RHEL 5 box.
i'm having logs folder with ownership of non-root user. Created some files with root user under logs folder.
here is the scene:
-rw-r----- 1 root root 1048227 Feb 28 12:34 SystemOut_13.02.28_12.34.10.log
-rw-r----- 1 root root ... (6 Replies)
Discussion started by: sukhdip
6 Replies
10. Shell Programming and Scripting
Currently in my system Red Hat is installed. And Many user connect to my machine via SSH Techia Terminal.
I want to give some users a root level access.
Can anyone please help me how to make it possible. I too searched on the Google but didn't find the correct way
Regards
ADI (4 Replies)
Discussion started by: adisky123
4 Replies
LEARN ABOUT POSIX
pam_securetty
PAM_SECURETTY(8) Linux-PAM Manual PAM_SECURETTY(8)
NAME
pam_securetty - Limit root login to special devices
SYNOPSIS
pam_securetty.so [debug]
DESCRIPTION
pam_securetty is a PAM module that allows root logins only if the user is logging in on a "secure" tty, as defined by the listing in
/etc/securetty. pam_securetty also checks to make sure that /etc/securetty is a plain file and not world writable. It will also allow root
logins on the tty specified with console= switch on the kernel command line and on ttys from the /sys/class/tty/console/active.
This module has no effect on non-root users and requires that the application fills in the PAM_TTY item correctly.
For canonical usage, should be listed as a required authentication method before any sufficient authentication methods.
OPTIONS
debug
Print debug information.
noconsole
Do not automatically allow root logins on the kernel console device, as specified on the kernel command line or by the sys file, if it
is not also specified in the /etc/securetty file.
MODULE TYPES PROVIDED
Only the auth module type is provided.
RETURN VALUES
PAM_SUCCESS
The user is allowed to continue authentication. Either the user is not root, or the root user is trying to log in on an acceptable
device.
PAM_AUTH_ERR
Authentication is rejected. Either root is attempting to log in via an unacceptable device, or the /etc/securetty file is world
writable or not a normal file.
PAM_INCOMPLETE
An application error occurred. pam_securetty was not able to get information it required from the application that called it.
PAM_SERVICE_ERR
An error occurred while the module was determining the user's name or tty, or the module could not open /etc/securetty.
PAM_USER_UNKNOWN
The module could not find the user name in the /etc/passwd file to verify whether the user had a UID of 0. Therefore, the results of
running this module are ignored.
EXAMPLES
auth required pam_securetty.so
auth required pam_unix.so
SEE ALSO
securetty(5), pam.conf(5), pam.d(5), pam(7)
AUTHOR
pam_securetty was written by Elliot Lee <sopwith@cuc.edu>.
Linux-PAM Manual 09/19/2013 PAM_SECURETTY(8)