Re: [Dorset] Locking down physical console access
On 10/03/2011 05:01 PM, David Wilkinson wrote: Hi Does anyone know if there is a way to stop logins from the physical console so that a server can only be logged in via ssh? I did some searching but only seem to find ones for Red hat like systems or really old Ubuntu versions and the files they suggest changing don't exist any more. I am using Ubuntu server 11.04 x64. The modern Ubuntu way of doing that may be to change the contents of /etc/init/tty[1-6].conf. I've changed tty1.conf on my MythTV front-end so that a user automatically logs in, but you could also prevent logins completely. On the other hand, I'm not an expert on this stuff, so you should confirm these ideas elsewhere. cheers Chris -- Chris Dennis cgden...@btinternet.com Fordingbridge, Hampshire, UK -- Next meeting: Bournemouth, Tuesday 2011-10-04 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ How to Report Bugs Effectively: http://goo.gl/4Xue
Re: [Dorset] Locking down physical console access
On 04/10/11 09:31, Chris Dennis wrote: The modern Ubuntu way of doing that may be to change the contents of /etc/init/tty[1-6].conf. I've changed tty1.conf on my MythTV front-end so that a user automatically logs in, but you could also prevent logins completely. On the other hand, I'm not an expert on this stuff, so you should confirm these ideas elsewhere. cheers Chris Hi I did try to disable the tty's but I was then unable to connect to the server the server, it didn't respond to pings either so I am not sure if fully booted up or not, so I had to boot up from a live CD and change the files to allow tty's again. Just as thought is there away to prevent users from logging in locally while allowing remote access via ssh as that might be easier. Thanks David -- Next meeting: Bournemouth, Tuesday 2011-10-04 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ How to Report Bugs Effectively: http://goo.gl/4Xue
Re: [Dorset] Locking down physical console access
Hi David, The modern Ubuntu way of doing that may be to change the contents of /etc/init/tty[1-6].conf. I did try to disable the tty's but I was then unable to connect to the server the server, it didn't respond to pings either so I am not sure if fully booted up or not, so I had to boot up from a live CD and change the files to allow tty's again. How about disabling just tty3 through /etc/init/tty3.conf and seeing if that works. If so, add the others and see when it stops working. Cheers, Ralph. -- Next meeting: Bournemouth, Tuesday 2011-10-04 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ How to Report Bugs Effectively: http://goo.gl/4Xue
Re: [Dorset] Locking down physical console access
On 04/10/11 10:23, Dan Dart wrote: I believe some programs will stop working with a no more ttys error - can you just not start the gettys but leave the ttys? Not sure I have the correct terminology there - even don't start the login processes? Can you still make one of them a console? That might help. It would also you you know what was going on. -- Next meeting: Bournemouth, Tuesday 2011-10-04 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ How to Report Bugs Effectively: http://goo.gl/4Xue
[Dorset] Locking down physical console access
Hi Does anyone know if there is a way to stop logins from the physical console so that a server can only be logged in via ssh? I did some searching but only seem to find ones for Red hat like systems or really old Ubuntu versions and the files they suggest changing don't exist any more. I am using Ubuntu server 11.04 x64. Thanks David -- Next meeting: Bournemouth, Tuesday 2011-10-04 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ How to Report Bugs Effectively: http://goo.gl/4Xue
Re: [Dorset] Locking down physical console access
Err don't launch any gettys in inittab? -- Next meeting: Bournemouth, Tuesday 2011-10-04 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ How to Report Bugs Effectively: http://goo.gl/4Xue
