Simpler Navigation for Servers and Operating Systems - Please Update Your Bookmarks
Completed: a much simpler Servers and Operating Systems section of the Community. We combined many of the older boards, so you won't have to click through so many levels to get at the information you need. Check the consolidated boards here as many sub-forums are now single boards.
If you have bookmarked forums or discussion boards in Servers and Operating Systems, we suggest you check and update them as needed.
General
cancel
Showing results for 
Search instead for 
Did you mean: 

Disable Root Remote Access on 10.20

Jason Fink_1
Occasional Visitor

Disable Root Remote Access on 10.20

Just switched from 9.07 to 10.20 on a post production server and I cannot get
the thing to disable remote root access. I already installed a self referencing
.rhosts in root's home (which is not / BTW) and /etc/hosts.equiv (with the - in
front of the hostname to show no root rlogin) - which worked on 9. Already
pored over docs and a variety of UN*X books - none of their mthods work
(possibly outdated).
4 REPLIES
Kirk Gardner_1
Occasional Visitor

Re: Disable Root Remote Access on 10.20

Check out /var/adm/inetd.sec and the corresponding man page: man 4 inetd.sec
Susan Verhey_1
Occasional Visitor

Re: Disable Root Remote Access on 10.20

Have you tried the file /etc/securetty ? You can read the man page on login for
more information. Basically,
root is allowed to log in only from the ttys listed in the file.
Tim Webster_1
Occasional Advisor

Re: Disable Root Remote Access on 10.20

Hi Jason,

Susan is correct. The /etc/securetty file is the way
to control where root can log in from. If you wish to disable root directly
logging in from anywhere but the console, just put an entry for "console" in
the /etc/securetty file. You'll want to set the file to owner root and group
bin and set it to 600 for permissions.

- Tim
Highlighted

Re: Disable Root Remote Access on 10.20

Just remove .rhosts from roots home directory. hosts.equiv works for all users
but root.

Best regards
Jesper Sivertseb