Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I need answer from Linux Freakers..
I need to disallow user to login as root.
Any idea?
Like do you mean stop the users from using the
Code:
$ su
(enter root password on prompt)'
Or are you trying to set it up where a user can access to certain root areas? You can use sudo for that.
Or if the users keep going into root with su command and you don't want them to have no root level access at out. Simply change root password and keep it a secret.
Other than that you need to post more information of what you really want because I don't think any body is going to understand "I need answers from Linux Freakers.."
Refresh sshd to re-read this new configuration. This will stop direct root login to the box. You need to login as regular user and then then su to root.
There is one part of the question there is no information on, are you trying to disable root logins completely, from SSH or at console? And this can only be to direct root logins, someone has to have an account that can sudo or something else you are locking yourself out and in the end at console an experienced enough user could easily by pass most possible ways of disabling root.
Sorry Guys if the question went little short.
I was looking for something which avijitp jotted.
One thing to ask you all:
Say i put PermitRootLogin No in sshd_config.
and user logged in through su.
Now he can run root-leel commands?
Why it is considered safe?
Doesnt all root commands run thru that?
Say i put PermitRootLogin No in sshd_config.
and user logged in through su.
Now he can run root-leel commands?
Why it is considered safe?
Doesnt all root commands run thru that?
A user can become root with the help of su only if he knows the root password unless you decide to configure sudo to allow the users to gain root privileges without password.
So it effectively allows A user to run root level commands only if he knows the root password. Disabling direct root ssh login is often considered to be a good practice to protect the system from Bruteforce attacked which can exploit a week root password.
My Next Question:
Can I completely disable root access?
Why on the earth would you do that? You plan to install a system and plan not to maintain that? Someone responsible should have a super user (root) privileges.
I need answer from Linux Freakers..
I need to disallow user to login as root.
Any idea?
That's not a joke, that is serious and it's true. If you're stupid enough to give tha password away, you can not prevent it by normal means.
Quote:
Originally Posted by your_shadow03
My Next Question:
Can I completely disable root access?
yes, check the -l (lowercase L) option of the passwd command
But I don't advise it for the root user as it is PERMANENT. You need root privileges to reverse it but can't gain those privileges as the account is locked.
The question that you have not answered yet is why you want this?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
