FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora User

 
 
LinkBack Thread Tools
 
Old 10-09-2011, 04:12 PM
Beartooth
 
Default locking root to a machine

A regular on a private list I follow has written :

*[...] therein lies the beauty of the newer flavors of *nix.* You
can lock root (and SU) access to physical machines ONLY, and
even lock it down to specific logins ONLY on specific machines.

How would Fedora do that?

I wouldn't want it any PC on my LAN, because I do 99 44/100% of
the updating and general administrivia on a couple of them remotely over
ssh; but it sounds like a good thing to have on any laptop or tablet that
spends much time on wifi.

--
Beartooth Staffwright, Not Quite Clueless Power User
I have precious (very precious!) little idea where up is.


--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 10-11-2011, 01:51 PM
"Bryn M. Reeves"
 
Default locking root to a machine

On 10/09/2011 05:12 PM, Beartooth wrote:
>
> A regular on a private list I follow has written :
>
> [...] therein lies the beauty of the newer flavors of *nix. You
> can lock root (and SU) access to physical machines ONLY, and
> even lock it down to specific logins ONLY on specific machines.
>
> How would Fedora do that?

There's the pam_securetty module that filters root logins to a set of
"secure" ttys listed in /etc/securetty. You can use that as a required
pam module in the system authentication configuration to restrict root
logins to physical terminals.

Regards,
Bryn.
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 

Thread Tools




All times are GMT. The time now is 10:22 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org