Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Procedure to restrict direct access as root
Operating Systems AIX Procedure to restrict direct access as root Post 302974819 by dio34 on Friday 3rd of June 2016 05:04:27 PM
Old 06-03-2016
IBM Procedure to restrict direct access as root
Hello,

I would like to confirm whether the below procedure is correct.

disabled direct super user access on AIX server using below procedure. Please let me know if there is any additional step.

Code:
1) confirm the access to HMC, console to reach the LPARs

2) chuser rlogin=false root
   chuser login=true root
    
3) set Permit Root login to No
 
cp -p /etc/ssh/sshd_config /etc/ssh/sshd_config.original
 

vi /etc/ssh/sshd_config 
PermitRootLogin no

stopsrc -s sshd
startsrc -s sshd

4) confirm "rlogind" is disabled from /etc/inetd.conf
grep rlogind /etc/inetd.conf

thank you
 

10 More Discussions You Might Find Interesting

1. Programming

Direct disk access

Is there any way to write to disk sector by sector, without any files, filesystems etc. I did that in DOS, but that was DOS. (3 Replies)
Discussion started by: Lopatonosec
3 Replies

2. Linux

ssh - disable direct root login

Hi Guys.... I am a newbie to unix. I have a requirement. I have a server. I have to configure ssh to disable direct root login and then add a user with sudo access to this server.Then change the ssh port to 22315 and the server should permit the ssh only from my local machine ip.I also have to... (1 Reply)
Discussion started by: mahesh_raghu
1 Replies

3. Solaris

Direct/scsu access to unix account

Hey Is there any way to differentiate if a user is logged directly into a UNIX functional account or if they have scsu'ed into the functional account? Cheers Paul (2 Replies)
Discussion started by: runnerpaul
2 Replies

4. Linux

Restrict NFS access to root

Hi Everybody, If there is a general NFS share in the LAN and for example this share has three files - a, b, c is there any way to restrict file access to the root user of one particular host(falcon) in the same LAN environment while the normal users from the same host(falcon) should be able... (4 Replies)
Discussion started by: sudhirav
4 Replies

5. UNIX for Dummies Questions & Answers

Restrict user access.

Hi All, How can we restrict a particular user access to a particular shell in solaris 10. Thanks in Advance. (5 Replies)
Discussion started by: rama krishna
5 Replies

6. Red Hat

Restrict user access

Hi there I have an application user on my system that wants accesses to these file systems as such: rwx: /SAPO /SAPS12 /R3_888 /R3_888B /R3_888F /R3_888R r: /usr/sap these are the existing FS permissions:ownerships: # ls -ld /SAPO (9 Replies)
Discussion started by: hedkandi
9 Replies

7. Ubuntu

Restrict SUDO Access

Linux ubuntu 3.0.0-12-generic #20-Ubuntu SMP Fri Oct 7 14:56:25 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux Hi Folks, Please help me. I am bit struck here. Here is the OS info. Linux ubuntu 3.0.0-12-generic #20-Ubuntu SMP Fri Oct 7 14:56:25 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux I have a... (17 Replies)
Discussion started by: explorer007
17 Replies

8. UNIX for Dummies Questions & Answers

Restrict access

I'm trying to use squid to restrict elinks' access to certain websites(only http traffic). I have tried some configs in squid.conf but no luck. Hope someone has a bit of time to explain me how can you make these config's :) ---------- Post updated at 05:40 PM ---------- Previous update was at... (1 Reply)
Discussion started by: Birnbacher
1 Replies

9. AIX

Disabling SSH direct access for an AIX user

Hello everyone, Can anyone help me please. I want to disable SSH direct access for an AIX user. For example, if I have USER1 and USER2. I want to disactivate direct access for USER2. The user must enter his login (USER1) and his password and then he can do su - USER2 . Thanks, (3 Replies)
Discussion started by: adilyos
3 Replies

10. UNIX for Advanced & Expert Users

Restrict service account from direct interactive sessions

Environment: CentOS 7 I would like to have a solution where a service account can access a server in only these ways: ssh non-interactively via password or ssh key; that is, run commands or scripts (but running anything in /etc/shells will not be allowed) not ssh interactively regular... (2 Replies)
Discussion started by: bgstack15
2 Replies

LEARN ABOUT SUNOS

put

put(9F) 						   Kernel Functions for Drivers 						   put(9F)

NAME

       put - call a STREAMS put procedure

SYNOPSIS

       #include <sys/stream.h>
       #include <sys/ddi.h>

       void put(queue_t *q, mblk_t *mp);

INTERFACE LEVEL

       Architecture independent level 1 (DDI/DKI).

PARAMETERS

       q	Pointer to a STREAMS queue.

       mp	Pointer to message block being passed into queue.

DESCRIPTION

       put()  calls the put procedure ( put(9E) entry point) for the STREAMS queue specified by q, passing it the message block referred to by mp.
       It is typically used by a driver or module to call its own put procedure.

CONTEXT

       put() can be called from a STREAMS module or driver put or service routine, or from an associated interrupt handler, timeout,  bufcall,	or
       esballoc call-back. In the latter cases, the calling code must guarantee the validity of the q argument.

       Since  put()  may cause re-entry of the module (as it is intended to do), mutexes or other locks should not be held across calls to it, due
       to the risk of single-party deadlock (put(9E), putnext(9F), putctl(9F), qreply(9F)).  This function is provided	as  a  DDI/DKI	conforming
       replacement for a direct call to a put procedure.

SEE ALSO

       put(9E), freezestr(9F), putctl(9F), putctl1(9F), putnext(9F), putnextctl(9F), putnextctl1(9F), qprocson(9F), qreply(9F)

       Writing Device Drivers

	STREAMS Programming Guide

NOTES

       The caller cannot have the stream frozen when calling this function.  See  freezestr(9F).

       DDI/DKI	conforming  modules  and  drivers  are	no longer permitted to call put procedures directly, but must call through the appropriate
       STREAMS utility function, for example, put(9E), putnext(9F), putctl(9F), and qreply(9F). This function is provided as a DDI/DKI	conforming
       replacement for a direct call to a put procedure.

       The put() and putnext() functions should be called only after qprocson() is finished.

SunOS 5.10							    28 Apr 1992 							   put(9F)
All times are GMT -4. The time now is 07:26 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy