Disable root login on RH6

patrckb

Technical User
Nov 6, 2001
94
US
How can I disable direct root login from telnet on RedHat 6.0?

I know I can put /bin/false as the root user shell in /etc/passwd but that would disable even console root login. I want to disable being able to telnet to the system and logging in as root directly. Of course, I want to still be able to "su -" to be able to read root's mail.

Patrick
 
What is the content of /etc/securetty? It may contain entries other than console ttys. If so, take out all but the tty entries.
 
Gadzooks, Batman!

I have no /etc/securetty file! There is a /etc/securetty.old that contains:
tty1
tty2
tty3
tty4
tty5
tty6
tty7
tty8

I guess I need to rename it. It has permissions of 600; is that right?

Also, since I want to be able to log in as root on the console, is all I need in that file "console"?

Patrick
 
On BSD you can disable SSH root by editing the /etc/ssh/sshd_config

#Port 22
#Protocol 2,1
#ListenAddress 0.0.0.0
#ListenAddress ::

# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_dsa_key

# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 3600
#ServerKeyBits 768

# Logging
#obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO

# Authentication:

LoginGraceTime 20
PermitRootLogin no
StrictModes yes

RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys

# rhosts authentication should not be used


This should be the same w/ Linux if you did an install from source. Not sure about .rpm though.
 
When you log in as root on the console and enter the 'who' command, it probably shows you are logged in on tty1, not console. I think you just want to restore the securetty.old file. Permissions are 600 with owner and group as root.
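
Added example (not part of any post in this thread): a small shell audit of the two settings discussed above, the securetty file (present, mode 600, owned by root, only ttyN entries) and the PermitRootLogin line in sshd_config. The function names are hypothetical and the sample files are constructed.

```shell
#!/bin/sh
# Added example, not from the thread: audit the two settings the posts discuss.

# check_securetty FILE [UID:GID]
# Prints one finding per line; prints nothing when the file looks right.
check_securetty() {
    f=$1
    want=${2:-0:0}                      # root:root, as the last post states
    if [ ! -f "$f" ]; then
        echo "missing: $f"
        return 0
    fi
    # Mode 600 shows up in ls as -rw-------
    [ "$(ls -ld "$f" | cut -c1-10)" = "-rw-------" ] || echo "mode is not 600: $f"
    # Fields 3 and 4 of ls -ln are the numeric owner and group
    [ "$(ls -ln "$f" | awk '{ print $3 ":" $4 }')" = "$want" ] ||
        echo "owner:group is not $want: $f"
    # Anything other than ttyN is not a virtual console. Accepting the
    # literal "console" as well is an assumption of this example.
    grep -Ev '^(tty[0-9]+|console)$|^#|^[[:space:]]*$' "$f" |
        sed 's/^/not a console tty: /'
    return 0
}

# sshd_root_login FILE
# Prints the effective PermitRootLogin value, or "unset" when the keyword is
# absent or only commented out. sshd uses the first value it reads; Match
# blocks are not handled here.
sshd_root_login() {
    awk 'tolower($1) == "permitrootlogin" { print tolower($2); hit = 1; exit }
         END { if (!hit) print "unset" }' "$1"
}

# Constructed sample files, so the checks can be tried without touching /etc.
make_samples() {
    d=$(mktemp -d)
    printf 'tty1\ntty2\ntty3\n' > "$d/good"
    printf 'tty1\nttyp0\npts/0\n' > "$d/bad"
    printf '#PermitRootLogin yes\nLoginGraceTime 20\nPermitRootLogin no\n' > "$d/sshd_config"
    chmod 600 "$d/good"
    chmod 644 "$d/bad"
    echo "$d"
}

# On a live system: check_securetty /etc/securetty
#                   sshd_root_login /etc/ssh/sshd_config
```

Run as root, the first function should print nothing for a restored securetty file, and the second should print "no" for the sshd_config shown in the thread.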
 