[Techtalk] no remote root
Lee Blackwell
lee_blackwell at eur.3com.com
Wed Nov 21 18:08:54 EST 2001
> It´s my first time here at linuxchix, so hello everyone! I´d like
> to apologise too because of my poor english, since I´m Brazilian...
> (I´ll try my best:))
Your english is great.
> My doubt is if there is some way to block the root remote acess
> to my server... and if it exists, how may I do that??
Sure, you need to look at /etc/securetty
If you run "man securetty" you'll get:
SECURETTY(5) Linux Programmer's Manual SECURETTY(5)
NAME
securetty - file which lists ttys from which root can log in
DESCRIPTION
/etc/securetty is used by login(1); the file contains the
device names of tty lines (one per line, without
leading /dev/) on which root is allowed to login.
FILES
/etc/securetty
SEE ALSO
login(1)
So, anything that appears in /etc/securetty is trusted for a root login.
Is the root login by some means other than telnet? ssh perhaps? If so, you
may need to look at the config for the software in question, for example,
ssh would need its config file changing (/etc/ssh/sshdconfig or something
similar).
Hope that helps,
Lee.
--
Lee Blackwell
Unix Specialist, NCS, 3com IT.
-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GIT d- s: a- c+++ ULS++++$ P++>++++ L+++>++++ E-- W+++ N+ o? K? w---
O? M? V? PS+ PE- Y+ PGP- t 5 X R?(R) tv++ b+(++) DI++ D+ G>+++ e(*)
h* r++(+++) y+
-----END GEEK CODE BLOCK ------
More information about the Techtalk
mailing list