My Debian Tips:

File Systems
Storage Devices

[Tips Home] [Home]

Valid HTML 4.01!
Tips on dealing with the system security of your Debian Linux:

What is 'sudo'?

This is a way of securing and limiting root access on your system. Sudo ('superuser do') allows the administrator to give certain users (or groups of users) the ability to run some (actually all) commands as root while logging all commands and arguments. Sudo operates on a per-command basis, it is not a replacement for the shell. Consider having only sudo on your system, instead of "su", as sudo does better logging as well.

How do I disable root login over network?

The /etc/securetty file lists the devices on which "root" may log in. If you remove all entries except for tty1 through tty8, you'll prevent network logins for root.
    ttyS* are serial devices (e.g., a modem or serial-connected terminal)
    ttyp*, ttyq*, etc are network terminals

A tip on your system security, consider removing "/etc/hosts.equiv"

This file allows other hosts to be trusted by your system. It can be used to log on to your machine without a password. If you are not running "r" commands, you should have no use for this file and it should be removed. Also, disable 'r' programs like rlogin, rsh and use ssh and scp.

Can't telnet as 'root' into the system from outside?

You can login as root from the local console, also can do a "su", but not telnet as 'root'? This is because this is the default behaviour for security reasons. If you can, use ssh and scp instead of telnet and ftp. If you cannot or think that your system is secure, add the necessary number of pseudo terminals in /etc/securetty. You may also face this problem while logging from xterms locally.

ttyp0, ttyp1, ...., ttypa, ... (add one in each line)

How do I look at the log files for 'su' usage?

grep "su.*-root" /var/log/auth.log

[HOME] Last Updated: Apr' 2002
Any comments to the author?