I added the following lines to /etc/ssh/ssh_config file:
PermitRootLogin no
DenyUsers root
DenyGroups root
And then restarted my sshd as followd:
# /etc/init.d/sshd restart
Then, I exited out of the box and logged back in as root thru ssh.
1- What am I doing wrong?
2- How do I restrict root direct console login?
how to enable direct login of root via ssh?I find and info that i just need to update /etc/ssh/sshd_config, but i couldn't see that file in the location.
View 14 Replies View RelatedI have a need to start an application on bootup on the linux console and I do not have a need for any type of login or security. I do not need any ALT-F1,F2,etc virtual consoles but I would like to allow SSH access via the network port for debugging, loading, etc.
The application is a SDL graphics program running with fbcon as the SDL_VIDEODRIVER if that matters. I'm currently using Fedora 10 and 12 but any distro that supports SDL using the fbcon framebuffer would be acceptable.
Eventhough users know the root credentials how to restrict them from direct login as root user. They can login as non root user first and then as root userthe material or provide some url for learning the perl script.
View 4 Replies View Related my linux system doesn't have X only console login possible. i would like to deny all user to login from any sources, local machine, remote console (putty, winscp) etc. except root.
i've found something about /etc/security/access.conf and i've put:
+ : root : ALL
- : ALL : ALL
but still users other then root are able to login (via putty for example).
I has Centos 5.5 with kernel 2.6.18-194.17.1.el5.
centos-release-5-5.el5.centos
Linux centos 2.6.18-194.17.1.el5 #1 SMP Wed Sep 29 12:50:31 EDT 2010 x86_64 x86_64 x86_64 GNU/Linux
My problem is this:
I can login as root in to Gnome and ssh but not in the console In fact I can login with anyuser in to Gnome and ssh but not in the console. By the console I'm referring to tty1-tty6. When the login screen is showed I write the user and password but then a message is quickly(I can�t see it) showed and erased and the login screen is showed again I looked the file /etc/security/access.conf but all the entries are marked as comments. I also looked the file /etc/securetty and this is the content:
console
vc/1
vc/2
vc/3
[code]....
I even can use "su" with root with no problem. The next entries are written in the /var/log/audit/audit.log file everytime I has this error:
type=USER_AUTH msg=audit(1284441198.687:5305): user pid=21795 uid=0 auid=4294967295 msg='PAM: authentication acct="root" : exe="/bin/login" (hostname=?, addr=?, terminal=tty2 res=success)'
[code]....
I wanted to disable root logins in console, so I searched for that. I found that if I change root's bash to "/sbin/nologin" in "/etc/passwd", root user will not be able to login. So I did that. But when I wanted to use sudo command, it didn't show me root bash, but it only do the same thing as logging in as root in single user mode (shows message that this account is disabled). So, how I can disable root logins, but keep enabled sudo command for standard users?
View 6 Replies View RelatedI want to set security regarding with the root user. The root user must not be allowed to login directly to the service console, how will I do this?
View 4 Replies View RelatedWhenever I login as root, an e-mail with the subject "Security information" is sent outwhere the e-mail address for this message is configured? I need to change it (or perhaps disable it).
View 9 Replies View RelatedI've recently installed 64bit version of ubuntu 9.10 but the GDMsetup doesn't seem to be working as it was in 9.04 i mean to say when you type gdmsetup at console the login window pops up where i can check the check-box "Allow local administrator log in" under security tab. to enable login as root. since it is not working i've to type password every time when i install a package or create a folder in root directory or mount a drive which is quite irritating how can i login as root in gui mode etc... also is there some syntax which i can put into /etc/gdm/custom.conf so i can log in as root....
View 2 Replies View RelatedI have a problem, I have installed Fedora 11. And i need to login as root user.
How to do so?
It's my personal computer, no other users, no one else in the house. I'm behind a separate stand alone firewall (Checkpoint device). I'm the admin on my machine and I'm going to enter sudo, or login as root, every time I need it anyway.
There's no way that having to switch to root is going to make me stop and think about what I'm getting ready to do. In fact it's quite the opposite. If I'm in the midst of troubleshooting, I'm preparing to enter a command that I think is going to work, and I get "Permission denied"... The aggravation is more likely to reduce my logical thinking, and I'll immediately switch to root and type it anyway.
I DO understand the rational of setting users (even admin users) to a lower permission level. However I don't understand the lack of a command to make a user PERMANENTLY root equivilent. Switching back and forth is a waste of time. AND it means that I now have to deal with two home directories... /root and /home/user. Having to type sudo, or su to switch to root, does not protect my system. It only aggravates.
Is there anyway to have a different password for login and root? For example, my account is Bratu. I want a login password: ABCD and my root password: EFG
View 1 Replies View RelatedFound a major security hole in one of my more crucial linux servers today. (Only locally) I can use the user name "root" and any string for the password. So I can literally type "poop" as the password and the server lets me in. I know how to set root password settings for SSH and sudo, but where are settings located for local access that would allow something like this?
View 14 Replies View RelatedRemote root login is enabled. How do I disable this
View 14 Replies View RelatedCan't seem to do it, wondering if anyone knows how? Normally there's something in sshd_config that can be switched to true or yes to allow root login but I can't see it in fedora 12.I can login via root at a terminal no problem, just not via ssh, I get access denied every time. Also, I need to login using password authentication.I've done: 227169 but that's just for GUI which I don't really need since I rarely ever log into the GUI.I have also searched through here and mostly only found info such as above, how to enable root login for GUI, or billions of posts about how logingin as root is bad but I cannotswer to my question.DISCLAIMER: Please do not reply to this thread if all you can contribute is the question of why I need root or to put some message telling me I can do everything using su, etc, etc. Please only contribute if you can answer my question. A: My machine and a valid quesiton. B: Spirit of Linux is open, not restrictive
View 3 Replies View RelatedOn my Ubuntu 8.04.4 LTS webserver I desperately want to disable the Root account. But at the moment I am unable because I prefer to use Nautilus/Dolphin on my home laptop for SFTP. The graphical interface also helps when comparing multiple config files at once, something that being limited to NANO or PICO would make extremely painful. The problem is that if I don't use ROOT I can't perform any SSH or SFTP actions with a graphical interface, because I can't use SUDO without the terminal. Does anyone else leave root enabled? I have a non-standard port, disabled password authentication in favor of ssh keys, and I have a tarpit configured
View 2 Replies View RelatedI'm trying to turn off SSH root login on Ubuntu 10.10. However, changing PermitRootLogin=no (/etc/ssh/sshd_config) do not work. Here is the sshd_config:
[code]...
I have a habbit of openning a 2 sessions of xwindow (I'm using KDE), one as user to browse the internet and the other as root to do some admin work. But someone told me that login to KDE as root is bad in terms of security. Is this true?
View 3 Replies View RelatedI want to count the failure root login attempts so that do an action when the user faild to login as root for three consecutive times (like log a line in syslog).
View 4 Replies View RelatedFor a month or so now, I have been enabling ssh and opening port 22. I cron'ed the start and stop commands to leave them open only a few hours a day. After a bit, I checked my logs to find that some IP or another was attempting to brute force my root account.
I took little real threat by the offense.
(1) my system does not allow root to login and
(2) it would cut them off sooner than later when my system issued the stop command.
fast forward
Today I log in to find that all of my log files, as viewed from the gnome log file viewer, were empty of entries from about noon yesterday and prior.
Though I haven't noticed anything at all out of the ordinary with my system, I would like to get more opinions on the matter. Would there be any conceivable way that this was an automatic system routine, a clean up action of something? Additionally, if I was indeed the victim of a hack, what can I do to further protect my system (keeping in mind that I do want to access my system via ssh from time to time)?
I got this from a website (cant remember URL).
Be warned if someone actually does manage to login as root on your computer or server.
Edit .bash_profile for root. How do I do this?
Code:
echo 'ALERT - Root Shell Access on:' `date` `who` | mail -s "Alert: Root Access from `who | awk '{print $6}'`" your@email.com
Replace your@email.com with your own email. Save the file and exit.
I get the problem to acess root password when i am in user login, means wahen i am in user login and want to install software from terminal then he asked root password, when i supplied root password but he give me login incorrect.
View 2 Replies View RelatedHow to enable Root login...i cant copy or move something on the HDD...I have administrator rights and password for root but i cant change permissions for the HDD without login on root and root login are not allowed .
View 10 Replies View RelatedI don't what happened but yesterday I was working normally and then I shutdown the computer, today when I opened ubuntu it took me to tyy1 login screen, I entered my username and password then it took me to the normal login screen with the login drums sound and it wrote on my account (logged in) so I clicked it and I entered my password again and then I got to my ubuntu so what went wrong and how to fix it also I noticed that a new terminal in system tools occurred called Kernel (I didn't add it)
I'm using ubuntu 10.10 on Dell inspiron 1520 with Nvidia 8600GT and 3GB RAM
Important: this happened after update to generic-headers-24
I am not able to login to server from console attached to server, every time i enter username & password but it again asks for username & password. But when i try to login to server from remote machine, login happens properly.
View 4 Replies View RelatedHow I prohibit to do restart after ctrl+alt+delete ?
View 1 Replies View RelatedI just installed 10.04, and its taking me to the console login, rather than the graphical login. When I tried the live cd, the graphical environment was good. But after installation, I dont get the graphical login , so that I can get into the desktop.
I have a ATI Mobility Radeon X1400 card on ThinkPad T60. Everything was working on 8.10, and I decided to install 10.04 and now it doesnt work.
I am using rhel 5.3. I am using windows 2003 server 32-bit (the processor is 64 bit. AMD athlon x2). I have installed vmware and installed rhel5.3 64 bit on top of it. Now i am able to login as root from GUI mode (f7 console), but unable to login in text console from f1 to f6. I checked the /etc/securetty. But there was nothing unusual there. I think udev is causing this problem, since google said so. I cant find where the udev.rules file is located that google searches are taking about. How do i enable root login in f1-6 console.
View 4 Replies View Relatedi am having problems with privileges i have created a new user with my name, but i cant get root privileges on it. i need the same privileges as the root profile.
View 9 Replies View Related