BladeSystem Forums have moved here
To make BladeSystem information easier to find, we have moved the BladeSystem forums here, to Servers and Operating Systems.
Security
Showing results for 
Search instead for 
Do you mean 

root should login only through console.

SOLVED
Go to Solution
Frequent Advisor

root should login only through console.

Hi,

 

i want to configure all my servers such that i cannot login to through root directly. only way login through root is by console. For achieving this i have made an entry in /etc/securetty file with the console written in it. But still i am able to login with root directly. is there anything more i need to do to achieve this?

 

 

Thanks,

Vijay

Lead Engineer, IMS.
iGATE
4 REPLIES
Honored Contributor

Re: root should login only through console.

>>But still i am able to login with root directly.

 

How are you logging in?  Are you logging in via SSH, telnet, rlogin, X-Windows?

 

If you are using SSH then the /etc/securetty file is not used.  There is an option in ssh_config or sshd_config (I can't remember which one) called ALLOW_ROOT_LOGIN (or something similar).  If it is set to YES, change it to no and then restart SSH on the server.

Frequent Advisor

Re: root should login only through console.

yes, thanks.

i am loggin through SSH via putty.

 

that is /opt/ssh/et/sshd_config file and the parameter is permitRootLogin no.

 

Thanks,

Vijay

Lead Engineer, IMS.
iGATE

Re: root should login only through console.

Make sure you have enforcesecuretty set to yes in your sshd_config file.  See page 44:

 

http://bizsupport2.austin.hp.com/bc/docs/support/SupportManual/c03243765/c03243765.pdf

 

Highlighted
Honored Contributor

Re: root should login only through console.


vijay alur alur wrote:

yes, thanks.

i am loggin through SSH via putty.

 

that is /opt/ssh/et/sshd_config file and the parameter is permitRootLogin no.

 

Thanks,

Vijay


Very good.  I was responding off-the-cuff without double-cheking the files themselves.  I'm glad you found what you needed.