- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Disable root rlogin
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-12-2004 05:20 AM
тАО07-12-2004 05:20 AM
Is there a way to disable rlogin for root, but allow all the r* services enable(ie. rcp, remsh...) for root. I have already set up an /etc/securetty file to force root login only from the console. I would configure the /var/adm/inetd.sec file, but this would disable rlogin for everyone. I'm only interested in disable rlogin for root. Any advice is appreciated.
Thanks,
Henry
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-12-2004 05:29 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-12-2004 05:40 AM
тАО07-12-2004 05:40 AM
Re: Disable root rlogin
Hai
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-12-2004 05:44 AM
тАО07-12-2004 05:44 AM
Re: Disable root rlogin
There is no way, you can do that with inetd.sec. If is for rejecting/allow service to a host/network
Your only option seems to be tcp wrappers.
Anil
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-12-2004 05:53 AM
тАО07-12-2004 05:53 AM
Re: Disable root rlogin
I have to agree w/RAC on this one.
With inetd.sec granularity can only go down to hostname/IP as well as subnet.
With tcp-wrappers you *can* go down to username - like:
username@hostname.com
Henry - I believe that's the only way you can do this short of some code in /etc/profile that will query access method as well as login name to disallow root rlogins.
tcp-wrappers cab be had here:
http://hpux.cs.utah.edu/hppd/hpux/Networking/Admin/tcp_wrappers-7.6/
highly recommended.
Rgds,
Jeff
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-12-2004 07:05 AM
тАО07-12-2004 07:05 AM
Re: Disable root rlogin
You are both right. My bad for believing my memory with reviewing the man page. Henry, inetd.sec cannot handle this. Sorry for my mistake.
Hai
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-23-2006 08:51 PM
тАО01-23-2006 08:51 PM
Re: Disable root rlogin
Have you checked /etc/inetd.conf and run inetd -c to pick up the changes if required. Also ensure no TCP wrappers by checking if you have a /etc/hosts.allow and /etc/hosts.deny.
It also worth checking /var/adm/inetd.sec for any entries.
Regards,
Simon
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-23-2006 09:01 PM
тАО01-23-2006 09:01 PM
Re: Disable root rlogin
/.profile
ps | grep -q 'rlogind'
if [[ $? -eq 0 ]]
then
echo "ERROR: rlogin with root account is disabled"
sleep 2
exit 1
fi
Note: remsh
It is working.
--
Muthu