How do I stop .....

**mace** · 05-09-2007

the logging in of root from the inital login screen?
I just found a server that was allowed to do this.
Why would someone have set this up this way??

thanks
Mace

**kakariko81280** · 05-09-2007

I think you'd be looking for /etc/securetty. It lists all of the tty devices that root is allowed to login from. Every other terminal requires a normal login but from there you can su/sudo.

I think the second option is better because it leaves a bigger trail in the logs.

The other option is to disable root logins completely and grant admin rights via sudo. Ubuntu for example does this.

At risk of being glib: the usual reason for relaxing security is convenience. If I had to guess I'd say that's what you are seeing. (Of course sometimes security is too inconvenient, at that point the user will look at circumventing it completely)

Does that answer your questions?

Chris...

***daark.child*** · 05-09-2007

What login screen is it? KDM, GDM or something else?

**mace** · 05-10-2007

It's a SUSE box using putty.

Also I looked at the /etc/securetty on the offending sys and a sys that will not let me form the inital screen login as root .The files are the same.

HELP

thx

Mace

**mace** · 05-10-2007

OK, I found some info I went to:
/etc/ssh/sshd_config and found:
PermitRootLogin yes:
I changed it to :
PermitRootLogin no

I then save the file and opened another putty session thinking that the root logon would be disabled. Much to my suprise I was still able to login initially
as root. What am I missing??
thanks
mace

**kakariko81280** · 05-10-2007

Did you restart sshd? It will not pick up the new settings immediately.

Let us know how you get on,

Chris...

Thread Tools

Display

How do I stop .....

Posting Permissions