- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - Linux
- >
- Restrict Login of Root on TTY1-6
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-30-2003 04:57 PM
09-30-2003 04:57 PM
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-30-2003 05:16 PM
09-30-2003 05:16 PM
SolutionAll other root access is via SU. Now, limiting the users that can 'su' is a job for the Pluggable Authentican Modules (PAM). In particular, the pam_access (see /usr/share/doc/pam-*/txts/README.pam_access for more details).
This module allows you to specifiy a list of users which are allowed access. To enable this access list, you just need to insert a line similar to 'auth require /lib/security/pam_access.so accessfile=/path/to/list/of/names' in '/etc/pam.d/su' (after 'pam_rootok.so')
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-30-2003 05:16 PM
09-30-2003 05:16 PM
Re: Restrict Login of Root on TTY1-6
However, I do not think is a particularly good idea though I'm stuggling to think of a good reason why not except I feel you will find yourself in a position that you can not log in at all someday!. Certainly do not do this if you use NIS.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-30-2003 05:43 PM
09-30-2003 05:43 PM
Re: Restrict Login of Root on TTY1-6
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-30-2003 10:09 PM
09-30-2003 10:09 PM
Re: Restrict Login of Root on TTY1-6
I agree taking out the console tty could leave you in a bad spot someday !
You should also protect your grub or lilo with a password as well as the bio setting.
a key/lock to make accessing mb,device,ram,battery could also be part of a realy secure scheme.
I know the above is not all about the sofware protection of your system and sounds paternalistic (it is not), but Your question implide that security is an issue.
keeping track of system change is also a must in a DR (disater recovery) plan I always try to keep the configuration/setup of bios,disk,tape,label,partions,particulare tailoring,etc,etc as well as the backup in an other location also under safe guard.
You (the system admin and management) are the only juge of the level you need and can afford.
So pls look at the above just as a check list that your question triggerd for me.
J-P
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-01-2003 02:37 PM
10-01-2003 02:37 PM
Re: Restrict Login of Root on TTY1-6
Thanks for the input guys.