larryt@AE.MSSTATE.EDU (Larry Thorne) (08/04/90)
I'm trying to set up all workstations and servers on our net to be "secure", meaning that no one can login (or rlogin) directly as root, even with the root password. A user must login (or rlogin) as a "normal" user and then su to root. This scheme would also require the root password before the system would come up in single user mode. We've had a few breakins, and I'm trying to trace some of them via the sulog file (what users are actually getting in as root) and stop anyone from getting root access via booting the workstations to single user mode. This is easily done on SunOS by removing the "secure" flags in the /etc/ttytab file - however, I've not yet found the way to do this on SGI machines. Anyone know how to do this, or even if it can be done? And, yes, we do keep the root password(s) in a safe place just in case the administrators suddenly disappear from the face of the earth! Thanks in advance for any & all advice. Reply directly to me & I'll post a summary if anyone else is interested. Larry Thorne larryt@ae.msstate.edu