LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   How configure linux to ask for password to access it terminal (https://www.linuxquestions.org/questions/linux-newbie-8/how-configure-linux-to-ask-for-password-to-access-it-terminal-4175459091/)

appiah212 04-22-2013 03:40 AM

How configure linux to ask for password to access it terminal
 
I am new to linux, i will like configure it in such away that it will prompt me to provide password whenever i want to access terminal or the command console. I am using fedora.

acid_kewpie 04-22-2013 04:21 AM

As a secruity thing, you really can't. there will ALWAYS be a way around what you appear to be askign for. Once you're lgged in, you're logged in. Just make sure that the account you are using is limited and use sudo or other security tools to require passwords when doing anything more complex.

jdkaye 04-22-2013 04:24 AM

You can change the permissions of your terminal program so that only root can execute it or only members of a specified group can execute it. Try:
Code:

chmod --help
or
Code:

man chmod
for more information
jdk

acid_kewpie 04-22-2013 04:41 AM

sounds like a good way to break a working system to me.

jdkaye 04-22-2013 11:45 PM

Quote:

Originally Posted by acid_kewpie (Post 4936350)
sounds like a good way to break a working system to me.

Are you referring to my post? If yes, could you please explain. If it's directed at the OP then ignore this.
jdk

shivaa 04-23-2013 12:38 AM

A terminal is installed with OS, and every user on the system can access/open the terminal. You couldn't set a password for opening a terminal. However, the thing that makes difference is what a user can do after opening a terminal, which means, can that user invoke admin level commands or not or can he make any damage to the system (ofcourse using destructive commands)..

Well, let's know why do you want to set a password for terminal and what exactly your purpose is?

eklavya 04-23-2013 01:00 AM

If you are thinking that terminal is like GUI application and you can provide password for it, it is not exact like this.
There are several ways to access command prompt without using terminal.
The best way is restrict your users to not give them enough privileges.

Suppose you find any software or application which asks password(I don't think it is really available) when you press ctrl+alt+t or click on terminal icon but this is not the only way. User can go in recovery mode and access command prompt from there.
you can't prevent them to press clt+alt+f1.

Do not provide sudo privileges to users, so they will not execute root level commands.
Do not provide root password to the user otherwise they they can use root level command using su - root if you have banned sudo for them.

Habitual 04-23-2013 07:06 AM

  1. Do not start x
  2. Do not login

Everyone will then be required to use a password to "open" terminal.

jpollard 04-23-2013 02:46 PM

Quote:

Originally Posted by eklavya (Post 4936965)
If you are thinking that terminal is like GUI application and you can provide password for it, it is not exact like this.
There are several ways to access command prompt without using terminal.
The best way is restrict your users to not give them enough privileges.

Suppose you find any software or application which asks password(I don't think it is really available) when you press ctrl+alt+t or click on terminal icon but this is not the only way. User can go in recovery mode and access command prompt from there.
you can't prevent them to press clt+alt+f1.

Do not provide sudo privileges to users, so they will not execute root level commands.
Do not provide root password to the user otherwise they they can use root level command using su - root if you have banned sudo for them.

To expand a bit...

Normally terminal windows are just applications that use psudo-terminals to communicate with a shell. A pseudo terminal is dynamically created when opened, there is no restriction on doing that. The pseudo terminal is in two parts - the user application uses the half to pass keyboard activity , and receive output - which is then drawn into a window. The shell is attached to the other half, which acts like a hardware terminal for the shell. The shell reads keyboard input from the pty, and writes output to the pty.

You can get some information about pseudoterminals from the man page (man pty).


All times are GMT -5. The time now is 05:01 AM.