*BSD News Article 94893


Return to BSD News archive

Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!news.telstra.net!psgrain!iafrica.com!bowl.news.pipex.net!pipex!rill.news.pipex.net!pipex!news-peer.sprintlink.net!news.sprintlink.net!sprint!ais.net!ameritech.net!uunet!in2.uu.net!207.67.253.7!atmnet.net!news.lightside.com!fred
From: fred@lightside.net (Fred Condo)
Newsgroups: comp.unix.bsd.freebsd.misc
Subject: Re: Howto restrict login at the console?
Date: Tue, 29 Apr 1997 11:59:40 -0700
Organization: Lightside, Inc.
Lines: 31
Message-ID: <fred-ya02408000R2904971159410001@news.lightside.com>
References: <3364F170.4DF6BC09@indigo.ie>
NNTP-Posting-Host: dcs67.dcs-chico.com
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
X-Newsreader: Yet Another NewsWatcher 2.4.0
Xref: euryale.cc.adfa.oz.au comp.unix.bsd.freebsd.misc:40088

In article <3364F170.4DF6BC09@indigo.ie>, Marcus Keane <keanem@indigo.ie> wrote:

>Hi!
>
>I was just wondering if there was any way of restricting login at the
>console. What I'm after is the inverse(so to speak) of putting insecure
>on a line in /etc/ttys. That is, I only want root to login at the
>console. The machine isn't physically secure at the moment and I don't
>want people starting X sessions etc. I can login as root and lock the
>screen but I wouldn't trust people not to power cycle the machine when I
>wasn't around.
>
>Cheers,
>
>Marcus.
>
>--
>
>=======================================================================
>      Marcus Keane / Indigo Helpdesk        URL:http://www.indigo.ie/
>      email: keanem@indigo.ie               phone: Intl-353-1-6046913
>=======================================================================

Physical access is root access, because the computer can be reset and
single-user mode entered. Unless you have physical security, logical
security is no help.
-- 
http://www.lightside.net/~fred/ + net access + http://www.lightside.net/
"Attempts to control the use of encryption technology are wrong in
principle, unworkable in practice, and damaging to the long term economic
value of the information networks." - UK Labour Party