On Tue, Feb 5, 2008 at 3:11 PM, in message
[EMAIL PROTECTED], Terry
Spaulding [EMAIL PROTECTED] wrote:
-snip-
I checked the /etc/sysconfig/displaymanager which has some new entries and
some of the entries had different responses compared to SLES9.
That shouldn't have anything to do with the
I am trying to setup SLES10 to prevent direct login as root
on the 3270 console for a SLES10 Linux guest.
Terry;
In order to do this, you need to remove or comment the entry for ttyS0
in /etc/securetty.
It doesn't seem like a good idea in practice, though I couldn't put my
finger on
On Feb 5, 2008, at 2:11 PM, Terry Spaulding wrote:
I am trying to setup SLES10 to prevent direct login as root on the
3270
console for a SLES10 Linux guest.
I have disabled that in /etc/ssh/sshd_config with no problem for ssh
sessions.
Something must be different on SLES10 compared to SLES9.
On Tuesday 05 February 2008 15:11, Terry Spaulding wrote:
I am trying to setup SLES10 to prevent direct login as root on the 3270
console for a SLES10 Linux guest.
I have disabled that in /etc/ssh/sshd_config with no problem for ssh
sessions.
Something must be different on SLES10 compared to
I am trying to setup SLES10 to prevent direct login as root on the 3270
console for a SLES10 Linux guest.
I have disabled that in /etc/ssh/sshd_config with no problem for ssh
sessions.
Something must be different on SLES10 compared to SLES9.
I checked the /etc/sysconfig/displaymanager which has
This was my first thought also, but on second blush, if you have properly
set up sudoers, then being able to log in as your own userid, listed in
sudoers, is sufficient, and you shouldn't need to log into root from
anywhere, in theory.
The downside of this theory comes in the form of certain
My mistake here.
I am not preventing direct root login on the 3270 console.
Any ID you enter on the 3270 console including root allows for no password
or incorrect password.
I am thinking I must have something not set correctly in one of the
/etc/pam.d files ?
Any thoughts ?
TIA
To do this, remove or comment the entry for ttyS0 in /etc/securetty.
Note that this will make repairing problems harder. The time you need
root access on the console most is when everything else is borked, and
you already have the CP login password for the virtual machine
protecting the console
-Original Message-
From: Linux on 390 Port [mailto:[EMAIL PROTECTED] On
Behalf Of Mark Post
Sent: Tuesday, February 05, 2008 2:35 PM
To: LINUX-390@VM.MARIST.EDU
Subject: Re: preventing direct root login on the 3270 console
for SLES10
On Tue, Feb 5, 2008 at 3:15 PM
On Tue, Feb 5, 2008 at 3:15 PM, in message
[EMAIL PROTECTED],
Stricklin, Raymond J [EMAIL PROTECTED] wrote:
-snip-
It doesn't seem like a good idea in practice, though I couldn't put my
finger on exactly why.
Ohh, I can. If login for non-root users is broken for any reason, you're done.
Ohh, I can. If login for non-root users is broken for any
reason, you're done. (Seen that happen a number of times on
Intel/AMD systems.)
That's precisely the sort of thing I was thinking of. The nologin
situation is also a good one. I haven't worked enough with this part of
Linux to
On Tue Feb 05 15:46:15 CST 2008, Stricklin, Raymond J
[EMAIL PROTECTED] wrote:
Ohh, I can. If login for non-root users is broken for any
reason, you're done. (Seen that happen a number of times on
Intel/AMD systems.)
That's precisely the sort of thing I was thinking of. The nologin
12 matches
Mail list logo
