Re: locking root to a machine

From: Bryn M. Reeves <bmr_at_nospam>
Date: Tue Oct 11 2011 - 13:51:56 GMT
To: Community support for Fedora users <users@lists.fedoraproject.org>

On 10/09/2011 05:12 PM, Beartooth wrote:
>
> A regular on a private list I follow has written :
>
> [...] therein lies the beauty of the newer flavors of *nix. You
> can lock root (and SU) access to physical machines ONLY, and
> even lock it down to specific logins ONLY on specific machines.
>
> How would Fedora do that?

There's the pam_securetty module that filters root logins to a set of
"secure" ttys listed in /etc/securetty. You can use that as a required
pam module in the system authentication configuration to restrict root
logins to physical terminals.

Regards,
Bryn.
-- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

This message: [ Message body ]
Next message: Aaron Konstam: "Re: XFCE does not mount an audio CD"
Previous message: Tom Horsley: "Re: Results of the voting for the Fedora 17 release name"
In reply to: Beartooth: "locking root to a machine"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]