Prevent log in as root
Rodolfo J. Paiz
rpaiz at simpaticus.com
Mon Apr 26 14:51:59 UTC 2004
At 06:18 4/25/2004, you wrote:
>On Sun, 2004-04-25 at 06:28, Richard Kurth wrote:
> > Is there a way to Prevent anyone from logging in as root. I what them
> > to only log in as admin and su to root. What would I change to make
> > this work?
There is an easy way to prevent direct root login via SSH. In
/etc/ssh/sshd_config, edit the "PermitRootLogin" line to no, then restart
the sshd server ("service sshd restart"). For console logins, look at
/etc/securetty.
Note that this only serves as a tracking mechanism, really. You'll know who
logged in and became root unless they don't want you to know. Once someone
becomes root, they can modify logs, hide their presence, wipe their
tracks... or whatever they wish.
--
Rodolfo J. Paiz
rpaiz at simpaticus.com
http://www.simpaticus.com
More information about the redhat-list
mailing list