cancel
Showing results for 
Search instead for 
Did you mean: 

Root disable at console

Fauziah Mahdan
Super Advisor

Root disable at console

HI all,
I have go through few posting about this root disable and need to know more on this.
We are in trusted mode and alreadt set the max failed attempt login is 3 at SAM.
All the while when the root id is locked remotely I still be able to login via console login.
The problem is when I set AUTH_MAXTRIES =3 at /etc/default/security .
After 3 times lock I could not login root even at console.
How to make sure only root can login at console or root cannot lock at all.

I did read one of the suggestion is to put cronjob modprpw -k root to unlock the root.

Just to get more idea if there is any command or step for root not to lock or atleast not at console.

2 REPLIES
madhuchakkaravarthy
Trusted Contributor

Re: Root disable at console

hi


/usr/lbin/modprpw -m mintm=0,exptm=0,lftm=0,expwarn=0 -k root

so that root pwd will not expire

Regards

MC
rajesh_32
Advisor

Re: Root disable at console

How to make sure only root can login at console ?
Ans
create a file /etc/securetty with content
as below
console