Forbid root to log in X
Ivan Ivanov
rambiusparkisanius at gmail.com
Tue Nov 9 08:04:23 UTC 2004
Reg,
thank you for your answer
On Mon, 08 Nov 2004 11:22:47 -0700, Reg Clemens <reg at dwf.com> wrote:
>
> The file
> /etc/securetty
> says where (which ttys) Root is allowed to login from.
I just removed tty7 from /etc/security and the system does no allow
root to login irregardless of the desktop manager.
> If you remove all the entries you should take care of "login"
>
> For ftp (actually vsftpd) there is a file
> /etc/vsftpd.ftpusers
> that lists those who are NOT allowed to login in (root is already there)
>
> and Im sure that if you look at the documentation for sshd there
> must be an option there to disallow root access.
Yes, there is an option in sshd_config file called PermitRootLogin and
I have already turned it to no.
> With all of these, if a user has succeeded in loging in locally, he
> will still be able to su to root.
I know that the user can su to root. However, I have found that using
graphical environment as root is not good practice.
Regards Ivan
>
> --
> Reg.Clemens
> reg at dwf.com
More information about the users
mailing list