HPE GreenLake Administration
- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- After setup /etc/securetty file, generating messag...
Operating System - HP-UX
1840151
Members
3113
Online
110161
Solutions
Forums
Categories
Company
Local Language
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Go to solution
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-28-2009 06:16 PM
06-28-2009 06:16 PM
I setup /etc/securetty file to inhibit access as root user.
I want to generate information message when the user try to login with root user.
It's just a sample message.
"The root user is prohobited to login.
You must login with other users."
How can I generate above message?
Thanks in advance.
I want to generate information message when the user try to login with root user.
It's just a sample message.
"The root user is prohobited to login.
You must login with other users."
How can I generate above message?
Thanks in advance.
Solved! Go to Solution.
2 REPLIES 2
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-29-2009 02:20 AM
06-29-2009 02:20 AM
Solution
The standard /usr/bin/login does not have the facilities to create customized rejection messages.
Instead, you might use /etc/issue (for serial-attached terminals) or banner files (for network connections; see the man page of your network connection server daemon) to announce this to *everyone* logging in.
If the server knows in advance that an authentication attempt is inevitably going to fail (i.e. the user chose the username "root"), it is more secure to allow the user to go through the motions of the standard authentication procedure and *then* kick the user out, *without* telling him/her exactly what was wrong.
This way a potential intruder cannot gather information on what is allowed and what isn't, and may spend some time making useless attempts. That allows the sysadmin more time and evidence to detect the intrusion attempt.
MK
Instead, you might use /etc/issue (for serial-attached terminals) or banner files (for network connections; see the man page of your network connection server daemon) to announce this to *everyone* logging in.
If the server knows in advance that an authentication attempt is inevitably going to fail (i.e. the user chose the username "root"), it is more secure to allow the user to go through the motions of the standard authentication procedure and *then* kick the user out, *without* telling him/her exactly what was wrong.
This way a potential intruder cannot gather information on what is allowed and what isn't, and may spend some time making useless attempts. That allows the sysadmin more time and evidence to detect the intrusion attempt.
MK
MK
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-29-2009 02:46 AM
06-29-2009 02:46 AM
Re: After setup /etc/securetty file, generating message
Shalom,
I would use /etc/issue as well.
Or not use /etc/securetty and build some code into /etc/profile to display the message.
/etc/issue and your current changes is the most secure way to prevent direct root login.
You might also try public key only ssh login for root, it is very secure and convenient for administrators.
http://www.hpux.ws/?p=19
SEP
I would use /etc/issue as well.
Or not use /etc/securetty and build some code into /etc/profile to display the message.
/etc/issue and your current changes is the most secure way to prevent direct root login.
You might also try public key only ssh login for root, it is very secure and convenient for administrators.
http://www.hpux.ws/?p=19
SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
Company
Events and news
Customer resources
© Copyright 2025 Hewlett Packard Enterprise Development LP