ITEM: J6881L

How to prevent root from logging in directly

Question:

I would like to force all logins to root to be through su.  In other
words, I do not want anyone to be able to login as root at the login
prompt or over the network.  How can I set this up?

Response:

You will need to set root's login and rlogin attributes to "false".
You can do this through SMIT with the following steps (you will need
to be root to perform these steps):

1) smit users
2) Select "Change / Show Characteristics of a User"
3) type in "root" for "User NAME"
4) Change "LOGIN User?" and "User CAN RLOGIN?" to "false".  Make sure 
   that "Another user CAN SU to user?" is set to "true".
5) Press the Enter Key or click on the Do button.

Now, no one will be able to login as root at the login prompt or via
telnet or rlogin.  Users will be allowed to su to root if they give 
the correct password.



Support Line: How to prevent root from logging in directly ITEM: J6881L

Dated: May 1994 Category: N/A

This HTML file was generated 99/06/24~13:30:43

Comments or suggestions?
Contact us