DistributedNetworks DistributedNetworks


Host Security  «Prev 

Controlling root login Access using /etc/securetty

/etc/securetty

The /etc/securetty file allows you to specify which TTY devices the root user is allowed to login on. The /etc/securetty file is read by the login program usually /bin/login. Its format is a list of the tty devices names allowed, and for all others that are commented out or do not appear in this file, root login is disallowed. Disable any tty that you do not need by commenting them out # at the beginning of the line. Edit the securetty file vi, /etc/securetty and comment out the following lines:
 tty1
 #tty2
 #tty3
 #tty4
 #tty5
 #tty6
 #tty7
 #tty8

Which means only root is allowed to login on tty1. This is my recommendation, allowing root to log in only on one tty device and use the su command to switch to root if you need more. devices to log in as root.

Pre-Installed Linux Laptop
  1. This command lists the contents of the /etc/securetty file
  2. This shows that the first direct virtual console is available
  3. This shows that the second direct virtual console is available
  4. This shows that the third direct virtual console is available.
  5. This shows that the fourth direct virtual console is available
  6. This shows that the fifth direct virtual console is available.
  7. This shows that the sixth direct virtual console is available
  8. This shows that the seventh direct virtual console is available
  9. This shows that the eigth direct virtaul console is available