HPE Community
Operating System - HP-UX
1838381 Members
2691 Online
110125 Solutions
New Discussion

Re: Enable/Disable root login

 
Todd Christopher Hamilt
Occasional Contributor

‎11-23-2006 05:08 AM

‎11-23-2006 05:08 AM

Enable/Disable root login

Hi,
probably easy question.
How is it possible to enable/disable root login from serial via with a wise terminal?

0 Kudos
Reply
2 REPLIES 2
James R. Ferguson
Acclaimed Contributor

‎11-23-2006 05:24 AM

‎11-23-2006 05:24 AM

Re: Enable/Disable root login

Hi:

If you want to restrict 'root' logins to only the server console, create '/etc/securetty' with the word "console" on a single line. This does not prevent a user from using 'su' but does provide better identification of 'root's use.

Regards!

...JRF...
0 Kudos
Reply
Yang Qin_1
Honored Contributor

‎11-23-2006 05:24 AM

‎11-23-2006 05:24 AM

Re: Enable/Disable root login

Hi, you can allow "root" logon directly from "console" only by create/edit /etc/securetty

man login:
If /var/adm/btmp is present, all unsuccessful login attempts are
logged to that file. This feature is disabled if the file is not
present. The lastb command, (see last(1)), displays a summary of bad
login attempts for users with read access to btmp.

If the /etc/securetty file is present, login security is in effect.
Only user root is allowed to log in successfully on the ttys listed in
this file. Restricted ttys are listed by device name, one per line.
Valid tty names are dependent on the installation. An example is

console
tty01
ttya1
etc.

Note that this feature does not inhibit a normal user from using the
su command (see su(1)).


Yang
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.