SUmmary:prevent root remote login

From: SP Law (
Date: Wed Nov 05 1997 - 00:43:32 CST

Hello Sun_Managers,

Thank you all for responding to my question. Altogether a total of
31 people answered . Thanks for such a great response.

The names are just too many to mention .


I have removed the word secure from /etc/ttytab and thing seems to work
in SUNOS4.x.

The most common answer is : -

     The super-user root may only log in on those terminals
     marked as "secure" in the /etc/ttytab file. Otherwise, the
     super-user must log in as an ordinary user and become
     super-user using su(1v).

In file /etc/ttytab remove "secure" from all entries but the one
for console. DO a command kill -1 1 after the file editing for
your changes to take effect.

There are other answers,
From: Rick Reineman <>
Subject: Re: prevent root remote login
touch /etc/nologin


From: (Peter M Allan)
Subject: Re: prevent root remote login

In /etc/ttytab change the 'secure' status at the end of the line.

# @(#)ttytab 1.6 89/12/18 SMI
# name getty type status comments
console "/usr/etc/getty std.9600" sun on local unsecure
ttya "/usr/etc/getty std.9600" unknown off local unsecure

However I am not sure the word unsecure is recognised .

Some of you suggested
edit /etc/default/login and uncomment the "console" line

This method is only used in Solaris 2.x .

One person suggested:
Have you already looked into the folloing files:

/etc/hosts.equiv ... for all users on this machine
~/.rhosts ... could be in every users home dir

.rhost and host.equiv only do away with the prompting of passwd but
but does not prevent a person from login as root by providing the root passwd.

Maybe somebody can include this in the FAQ.

Thank again.



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:12:08 CDT