FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 03-08-2012, 01:13 PM
Stayvoid
 
Default Securing Debian Manual: 4.10.1 User authentication: PAM

Hello.

"Add root and the other users that should be able to su to the root
user to this group."
I'll be the only user of the server. Should I create a guest user for
me? Will it be enough to have a root access?
(The answer is pretty obvious, but I want to be sure.)

"To make sure that the user root can only log into the system from
local terminals, the following line should be enabled in
/etc/pam.d/login: auth requisite pam_securetty.so"
I'll use a remote connection (SSH). Is it possible (and necessary) to
make the opposite thing (to disable login from the local terminals)?

http://www.debian.org/doc/manuals/securing-debian-howto/ch4.en.html

Cheers


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: CAK5fS_Fbj3Nay32QWwbkkzTu3M+eGJyzkvAsGxFaEkO4Zswuy w@mail.gmail.com">http://lists.debian.org/CAK5fS_Fbj3Nay32QWwbkkzTu3M+eGJyzkvAsGxFaEkO4Zswuy w@mail.gmail.com
 
Old 03-08-2012, 10:48 PM
Andrei POPESCU
 
Default Securing Debian Manual: 4.10.1 User authentication: PAM

On Jo, 08 mar 12, 17:13:06, Stayvoid wrote:
> Hello.
>
> "Add root and the other users that should be able to su to the root
> user to this group."
> I'll be the only user of the server. Should I create a guest user for
> me? Will it be enough to have a root access?

It is considered good practice to use root access as little as possible
and only when really necessary (e.g. don't run a music player as root
except when you want to diagnose permission problems with the sound
system).

> (The answer is pretty obvious, but I want to be sure.)

Is it? I have no idea what you think the correct answer is.

> "To make sure that the user root can only log into the system from
> local terminals, the following line should be enabled in
> /etc/pam.d/login: auth requisite pam_securetty.so"
> I'll use a remote connection (SSH). Is it possible (and necessary) to
> make the opposite thing (to disable login from the local terminals)?

What local terminal, isn't this about a VPS?

Kind regards,
Andrei
--
Offtopic discussions among Debian users and developers:
http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic
 

Thread Tools




All times are GMT. The time now is 05:10 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org