Reg, thank you for your answer On Mon, 08 Nov 2004 11:22:47 -0700, Reg Clemens <reg@xxxxxxx> wrote: > > The file > /etc/securetty > says where (which ttys) Root is allowed to login from. I just removed tty7 from /etc/security and the system does no allow root to login irregardless of the desktop manager. > If you remove all the entries you should take care of "login" > > For ftp (actually vsftpd) there is a file > /etc/vsftpd.ftpusers > that lists those who are NOT allowed to login in (root is already there) > > and Im sure that if you look at the documentation for sshd there > must be an option there to disallow root access. Yes, there is an option in sshd_config file called PermitRootLogin and I have already turned it to no. > With all of these, if a user has succeeded in loging in locally, he > will still be able to su to root. I know that the user can su to root. However, I have found that using graphical environment as root is not good practice. Regards Ivan > > -- > Reg.Clemens > reg@xxxxxxx
