Hello everyone
I have to limit the root logins on my aix box (aix 5.3)
I change the value on the /etc/security/user
default (login and rlogin) change to false
and add to root (rlogin and login = false)
I tried in different ways but I got the same.
Root still can login
I try algo with smitty user, change user characteristics (root) change to false
that is the same to the user file
There is another way to limit root login
Thanks for your tips
If you are using sshd on that box, you could configure /etc/ssh/sshd_config to
PermitRootLogin no
But make sure that you have at least some backdoor to get in like a user that make "sudo su -" or something like that.
This is just a W.A.G.:
The system may be protecting itself from stupidity. Since there are times when you'll need to log on as root, the system may not like you trying to limit access, and is ignoring those limitations.
Why not simply change root's password?
There are usually several ways to reach a goal.
Thanks for the reply
The problem was that I try with a ssh connection and not with telnet connection.
Now it�s ok with telnet connection root login it�s not possible.
and now I change in the /etc/ssh/sshd.conf
# Authentication:
#LoginGraceTime 2m
PermitRootLogin no
#StrictModes yes
#MaxAuthTries 6
But I still can login with root account on a ssh connection. there is another file to change some values ?
Thanks
If you modified the sshd_config file you need to restart sshd
Thanks for the comment E-EJ915
I will do to restart the ssh subsystem. but when I try to su - (switch to root) I got this.
$ su -
root's Password:
3004-311 This terminal can not be used at this time.
3004-501 Cannot su to "root" : Account is not accessible.
Im doing something wrong.
All I want to do. Its that root login can�t no be establish (telnet o ssh9. that you need to have a user first and then su to root and you got root. but I miss something. because I login with my user and when I try to su - to root I got
the message above.
Thanks for your tips