topic Re: Disable Root Remote Access on 10.20 in Operating System - HP-UX

Disable Root Remote Access on 10.20

Jason Fink_1 — Tue, 19 Oct 1999 07:58:06 GMT

Just switched from 9.07 to 10.20 on a post production server and I cannot get
the thing to disable remote root access. I already installed a self referencing
.rhosts in root's home (which is not / BTW) and /etc/hosts.equiv (with the - in
front of the hostname to show no root rlogin) - which worked on 9. Already
pored over docs and a variety of UN*X books - none of their mthods work
(possibly outdated).

Re: Disable Root Remote Access on 10.20

Kirk Gardner_1 — Tue, 19 Oct 1999 08:49:43 GMT

Check out /var/adm/inetd.sec and the corresponding man page: man 4 inetd.sec

Re: Disable Root Remote Access on 10.20

Susan Verhey_1 — Tue, 19 Oct 1999 08:55:54 GMT

Have you tried the file /etc/securetty ? You can read the man page on login for
more information. Basically,
root is allowed to log in only from the ttys listed in the file.

Re: Disable Root Remote Access on 10.20

Tim Webster_1 — Wed, 20 Oct 1999 05:48:53 GMT

Hi Jason,

Susan is correct. The /etc/securetty file is the way
to control where root can log in from. If you wish to disable root directly
logging in from anywhere but the console, just put an entry for "console" in
the /etc/securetty file. You'll want to set the file to owner root and group
bin and set it to 600 for permissions.

- Tim

Re: Disable Root Remote Access on 10.20

Jesper Sivertsen_2 — Tue, 26 Oct 1999 01:28:45 GMT

Just remove .rhosts from roots home directory. hosts.equiv works for all users
but root.

Best regards
Jesper Sivertseb