Tuesday, 25 June 2013

How to Prohibit root logins on Terminal Devices

Problem: You want to prevent the superuser,root from logging in directly over a terminal or pseudo-terminal

Soution: Edit /etc/securetty, this file contains device names, one per line, that permit root logins.Make sure there are no pseudo-ttys(pty) devices listed, so root cannot log in via the network, and remove any others of concern to you.


 # serial lines
 # devfs devices

If possible dont permit root to log in directly.

No comments:

Post a Comment