What I suggest is that you set the root account to be able to log in locally only and set the loginretries to zero:
In /etc/security/user set
Anyone wanting to use the root account should login as themselves first and use a package like sudo to ensure that you know who is using the root account.
The login locally will be protected by HMC access (or in the case of older kit) Data Centre access.
Hi, hope someone could help me here:
Our root account was disabled on our production server this morning and usually we would login at the console to re-enable the account. However we are unable to get a login prompt at the console. The console displays the 8 options along the bottom and a... (2 Replies)
hi
i am new to unix and i have abig task. i have to \run particular commands having root privileges from a non root user. i know sudo is one of the way but i need sum other approach kindly help
Thanks (5 Replies)
hi,
how to access console of a switch having rj45 on switch side to db 9 female on pc side console cable which needs to be connected to one console server having rj11 on its side and db 9 female on other end.i.e. on switch side,console cable has rj45 and db 9 pin female connector on other side of... (1 Reply)
Hi Everyone,
we had a one IBM P650 standalone server, planning to install AIX OS on top of it, I don't have HMC, is their a way to access to console of the server using serial cable or any other option for installing OS on top of it.
Thanks, (1 Reply)
Currently in my system Red Hat is installed. And Many user connect to my machine via SSH Techia Terminal.
I want to give some users a root level access.
Can anyone please help me how to make it possible. I too searched on the Google but didn't find the correct way
Regards
ADI (4 Replies)
I access over 100 SUSE SLES servers as root from my admin server, via ssh sessions using ssh keys, so I don't have to enter a password. My SUSE Admin server is setup in the following manner:
1) Remote root access is turned off in the sshd_config file.
2) I am the only user of this admin... (6 Replies)
We are having a little problem on a server. We want that some users should be able to do e.g. sudo and become root, but with the restriction that the user can't change root password. That is, a guarantee that we still can login to that server and become root no matter of what the other users will... (2 Replies)
Discussion started by: 244an
2 Replies
LEARN ABOUT POSIX
chsh
CHSH(1) User Commands CHSH(1)NAME
chsh - change login shell
SYNOPSIS
chsh [options] [LOGIN]
DESCRIPTION
The chsh command changes the user login shell. This determines the name of the user's initial login command. A normal user may only change
the login shell for her own account; the superuser may change the login shell for any account.
OPTIONS
The options which apply to the chsh command are:
-h, --help
Display help message and exit.
-R, --root CHROOT_DIR
Apply changes in the CHROOT_DIR directory and use the configuration files from the CHROOT_DIR directory.
-s, --shell SHELL
The name of the user's new login shell. Setting this field to blank causes the system to select the default login shell.
If the -s option is not selected, chsh operates in an interactive fashion, prompting the user with the current login shell. Enter the new
value to change the shell, or leave the line blank to use the current one. The current shell is displayed between a pair of [ ] marks.
NOTE
The only restriction placed on the login shell is that the command name must be listed in /etc/shells, unless the invoker is the superuser,
and then any value may be added. An account with a restricted login shell may not change her login shell. For this reason, placing /bin/rsh
in /etc/shells is discouraged since accidentally changing to a restricted shell would prevent the user from ever changing her login shell
back to its original value.
FILES
/etc/passwd
User account information.
/etc/shells
List of valid login shells.
/etc/login.defs
Shadow password suite configuration.
SEE ALSO chfn(1), login.defs(5), passwd(5).
shadow-utils 4.5 01/25/2018 CHSH(1)