• Home
  • Help
  • Search
  • Login
  • Register
Pages: [1]
Author Topic: Restricting access to console login for root on debian squueze  (Read 1637 times)
phampson
Newbie
*

Karma: 0
Posts: 32


View Profile
« on: June 11, 2010, 07:20:39 AM »

Hi

Im trying to restrict access to root , to only the console /dev/ttyS0. Ive got a sheevaplug running debian squueze.

Looking on the web I ve remove loads of entries in /etc/securetty and also editted /etc/login.defs to uncomment the console entry out and changed to include ttyS0

However it still lets me login to root on a ssh session. Any idea why / what am i missing. I installed sudo and setup /etc/sudoers to allow another user to sudo to root.

How do i know if pam is running, all the configuration files are present along with libpam*. 

Ive tried rebooting , as far as I can see I shouldnt need to. Just edit the /etc/securetty file

Any help would be appreciated
Logged

firehawk
Newbie
*

Karma: 1
Posts: 10


View Profile
« Reply #1 on: June 11, 2010, 07:44:05 AM »

Hi,

check the /etc/ssh/sshd_config for the option "PermitRootLogin no".
You can also restrict the ssh access to some users with the option "AllowUsers YourUser".

Simply check out the man page of sshd_config: "man sshd_config".

FireHawk
Logged

phampson
Newbie
*

Karma: 0
Posts: 32


View Profile
« Reply #2 on: June 11, 2010, 08:24:46 AM »

I changed the /etc/pam.d/sshd file to use /etc/security/access.conf and then editted this file to say root was only allowed to log in from ttyS0. I presume because it was an ssh session it used this file rather than securetty. Bit confusing.

Thanks for the reply

Paul
Logged

Pages: [1]
Print
Jump to: