Don't know about securetty file, but I'd like to point out that you should try to avoid using root login; instead you should configure one regular user for yourself, that would have access to sudo for example, and only use root permissions when really needed; that may increase security.
One way is of course to lock the computer up so that nobody can access it, except you (i.e. have somekind of key+lock pair to prevent attaching keyboards and stuff to the machine, or just lock the machine into a closet). That's an easy and sure way, and if it's a server machine, there should be no need to log in it locally very often; most administrative tasks can be done using ssh.
Another thing is: why would you want to prevent local logins? I mean, if the machine is not locked up into a bullet-proof closet, somebody could just bring a laptop with a wireless connection, then log in trough ssh and that would basically be much if not just the same situation as if the person had a keyboard connected straight to the machine and logged in locally.
|