Security of root access

falcon16 · March 11, 2008, 6:34am

Hi,

The security auditor give a this statement , what to do ?

On my solaris system (S10)

"The User ID "root" should not be used on the system - the su and
the priviledged account should be used from each administrator for
accountability purposes"

What to do ?

reborg · March 11, 2008, 10:15am

Usually, the basic way to do this is to set the console line in /etc/default/login, and to set the ssh PermitRootLogin variable to "no"

System_Shock · March 11, 2008, 2:18pm

Is that what the auditor said verbatum? He he..

jlliagre · March 11, 2008, 9:18pm

I guess Username "0" is forbidden too ...