Simpler Navigation for Servers and Operating Systems - Please Update Your Bookmarks
Completed: a much simpler Servers and Operating Systems section of the Community. We combined many of the older boards, so you won't have to click through so many levels to get at the information you need. Check the consolidated boards here as many sub-forums are now single boards.
If you have bookmarked forums or discussion boards in Servers and Operating Systems, we suggest you check and update them as needed.
cancel
Showing results for 
Search instead for 
Did you mean: 

root login deny

SOLVED
Go to solution
Fabricio_2
Occasional Advisor

root login deny


Hello,

How can I lock the root user login by telnet?
I want that no one does login directly.

Thanks in advance,
Fabricio.
10 REPLIES
Robert Gamble
Respected Contributor
Solution

Re: root login deny

ls -la /etc/securetty

if it does not exist, then

echo console > /etc/securetty
chmod 400 /etc/securetty
chown root:sys /etc/securetty

see manpage for login for more details
Helen French
Honored Contributor

Re: root login deny

Create a file - /etc/securetty and put the word - console - in it.

This will restrict the root user login. Use root will only able to login from local console.

# man login (for more details)
Life is a promise, fulfill it!
Umapathy S
Honored Contributor

Re: root login deny

Hi,
Create a file called securetty in /etc.

echo console >/etc/securetty
chmod 400 /etc/securetty

Now console only allow direct access to root.

HTH,
Umapathy
Arise Awake and Stop NOT till the goal is Reached!
Fabricio_2
Occasional Advisor

Re: root login deny



OK, thanks...

And just one more question: How can I deny the remote login from a common user (not root)?

Thanks again...
Fabricio.
Umapathy S
Honored Contributor

Re: root login deny

I fear I dont understand your problem. You can always lock the account of that user.

Or add script in .profile of that user and logoff.

HTH,
Umapathy
Arise Awake and Stop NOT till the goal is Reached!
Helen French
Honored Contributor

Re: root login deny

1) Disable the account by editing passwd file or through SAM.

2) Add 'exit' command on the user $HOME/.profile file
Life is a promise, fulfill it!
Fabricio_2
Occasional Advisor

Re: root login deny



I don´t want that user "oracle" does login directly because it´s a generic user, I want that other user does a login and than it does a "su" for "oracle". So I can see who was oracle at sulog.

Thanks,
Fabri
Umapathy S
Honored Contributor

Re: root login deny

Fabricio,
Simplest way is

echo exit >>~oracle/.profile.

HTH,
Umapathy
Arise Awake and Stop NOT till the goal is Reached!
Helen French
Honored Contributor

Re: root login deny

Highlighted
Fabricio_2
Occasional Advisor

Re: root login deny


Thanks for everybody...

I used this script at /etc/profile to solve de problem:

NAME=`logname`
if [ $NAME = oracle ]
then
exit
fi