Hi
I want to to restrict root login on a redhat box from the terminal only. I read I need to comment out everything from /etc/securetty file except tty1 through tty11. There are some entries in the file that I do not u/stand, i.e. vc/1 through vc/11. What are these entries? Where do these allow login from?
I use VNC for remote admin. Will commenting out these disallow root login from the VNC somsole too?
Regards
Srini
You're probably using devfs. In devfs the device names for tty are called vc and they're listed in the directory /dev/vc/
so allowing logins only from vc number one, is accomplished by
adding...
vc/1
... to your securetty, (note that this is vc/1 NOT vc1)
one mistake often people do is assume that if the /etc/securetty settings are correct, SSH will not allow root connections either, which is false. You will have to edit /etc/ssh/sshd_config, or /etc/ssh2/sshd_config to set PermitRootLogin to No.