[techtalk] Re: techtalk digest, Vol 1 #445 - 11 msgs
Conor Daly
conor.daly at oceanfree.net
Sat May 12 16:54:50 EST 2001
On Fri, May 11, 2001 at 11:14:36PM -0400 or so it is rumoured hereabouts,
Mandi thought:
>
> For desktop unix, if you have need to worry about the physical security of
> the hosts you are deploying, get rid of init 1 in /etc/inittab. Comment
> out the lines about runlevel 1. You can also password protect LILO.
> There are some instructions here:
> http://lists.linux-india.org/lists/ilug-c/200104/msg00009.html
> (i looked up ""init 1" linux password protect" on google.)
>
> Make sure you change the /etc/lilo.conf file to mode 0400.
Better still, set a password in /etc/lilo.conf, run lilo to install, then
delete the password from lilo.conf. The actual password check doesn't go
near lilo.conf at boot time so there's no need to keep the password there
once it's installed.
To physically secure your box, password protect LILO, set a CMOS *setup*
password, set the CMOS to boot from HDD *only* (It irritates me the way
some CMOS's only allow me to set the *order* of boot devices but not to
disable any).
Then buy a big chain and padlock and lock the box to the floor!
Conor
--
Conor Daly <conor.daly at oceanfree.net>
Domestic Sysadmin :-)
---------------------
Faenor.cod.ie
4:44pm up 11 days, 19:34, 0 users, load average: 0.00, 0.00, 0.00
Hobbiton.cod.ie
4:49pm up 11 days, 19:41, 1 user, load average: 0.00, 0.00, 0.00
More information about the Techtalk
mailing list