prevent root remote login
2007-12-25 11:41:00
Thank you all for responding to my question. Altogether a total of
31 people answered . Thanks for such a great response.
The names are just too many to mention .
Solution:-
I have removed the word secure from /etc/ttytab and thing seems to work
in SUNOS4.x.
The most common answer is : -
The super-user root may only log in on those terminals
marked as "secure" in the /etc/ttytab file. Otherwise, the
super-user must log in as an ordinary user and become
super-user using su(1v).
In file /etc/ttytab remove "secure" from all entries but the one
for console. DO a command kill -1 1 after the file editing for
your changes to take effect.
There are other answers,
From: Rick Reineman <rick@lunger.llnl.gov>
Subject: Re: prevent root remote login
touch /etc/nologin
Rick
-----------
From: peter.allan@aeat.co.uk (Peter M Allan)
Subject: Re: prevent root remote login
In /etc/ttytab change the 'secure' status at the end of the line.
# @(#)ttytab 1.6 89/12/18 SMI
# name getty type status comments
#
console "/usr/etc/getty std.9600" sun on local unsecure
ttya "/usr/etc/getty std.9600" unknown off local unsecure
-----------------
However I am not sure the word unsecure is recognised .
Some of you suggested
edit /etc/default/login and uncomment the "console" line
This method is only used in Solaris 2.x .
One person suggested:
-------------
Have you already looked into the folloing files:
/etc/hosts.equiv ... for all users on this machine
~/.rhosts ... could be in every users home dir
-----------------
.rhost and host.equiv only do away with the prompting of passwd but
but does not prevent a person from login as root by providing the root passwd.
Maybe somebody can include this in the FAQ.
Thank again.
Regards
SP LAW
Comments
Got something to say?
You must be logged in to post a comment.
