Find the answer to your Linux question:
Results 1 to 6 of 6
the logging in of root from the inital login screen? I just found a server that was allowed to do this. Why would someone have set this up this way?? ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Linux Newbie
    Join Date
    Jun 2006
    Posts
    141

    How do I stop .....


    the logging in of root from the inital login screen?
    I just found a server that was allowed to do this.
    Why would someone have set this up this way??

    thanks
    Mace

  2. #2
    Linux Enthusiast
    Join Date
    Apr 2004
    Location
    UK
    Posts
    682
    I think you'd be looking for /etc/securetty. It lists all of the tty devices that root is allowed to login from. Every other terminal requires a normal login but from there you can su/sudo.

    I think the second option is better because it leaves a bigger trail in the logs.

    The other option is to disable root logins completely and grant admin rights via sudo. Ubuntu for example does this.

    At risk of being glib: the usual reason for relaxing security is convenience. If I had to guess I'd say that's what you are seeing. (Of course sometimes security is too inconvenient, at that point the user will look at circumventing it completely)

    Does that answer your questions?

    Chris...
    To be good, you must first be bad. "Newbie" is a rank, not a slight.

  3. #3
    Blackfooted Penguin daark.child's Avatar
    Join Date
    Apr 2006
    Location
    West Yorks
    Posts
    4,393
    What login screen is it? KDM, GDM or something else?

  4. #4
    Linux Newbie
    Join Date
    Jun 2006
    Posts
    141
    It's a SUSE box using putty.

    Also I looked at the /etc/securetty on the offending sys and a sys that will not let me form the inital screen login as root .The files are the same.

    HELP

    thx

    Mace

  5. #5
    Linux Newbie
    Join Date
    Jun 2006
    Posts
    141
    OK, I found some info I went to:
    /etc/ssh/sshd_config and found:
    PermitRootLogin yes:
    I changed it to :
    PermitRootLogin no

    I then save the file and opened another putty session thinking that the root logon would be disabled. Much to my suprise I was still able to login initially
    as root. What am I missing??
    thanks
    mace

  6. #6
    Linux Enthusiast
    Join Date
    Apr 2004
    Location
    UK
    Posts
    682
    Did you restart sshd? It will not pick up the new settings immediately.

    Let us know how you get on,

    Chris...
    To be good, you must first be bad. "Newbie" is a rank, not a slight.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •