On Sun, 2004-04-25 at 06:28, Richard Kurth wrote: > Is there a way to Prevent anyone from logging in as root. I what them > to only log in as admin and su to root. What would I change to make > this work?
There is an easy way to prevent direct root login via SSH. In /etc/ssh/sshd_config, edit the "PermitRootLogin" line to no, then restart the sshd server ("service sshd restart"). For console logins, look at /etc/securetty.
Note that this only serves as a tracking mechanism, really. You'll know who logged in and became root unless they don't want you to know. Once someone becomes root, they can modify logs, hide their presence, wipe their tracks... or whatever they wish.
-- Rodolfo J. Paiz rpaiz@xxxxxxxxxxxxxx http://www.simpaticus.com
-- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
