[SunHELP] Disable login info:
Jan Johansson
sunhelp at sunhelp.org
Mon May 14 09:07:26 CDT 2001
On Fri, May 11, 2001 at 09:57:34AM -0700, Pissey, Vinod wrote:
>I wanted to secure my web server.In the process I was just
>thinking whether we can remove the login prompt from the telnet
>session.That is whenever any user tries to telnet into the
>machine he should not get the login prompt but directly the
>password prompt which should be for the root.
This is security to obscurity which is a very bad thing instead
solve the two real problems present here.
1) Don't login is as root.
2) Don't use cleartext passwords.
Solutions can include.
1) Login in as joeuser, use sudo[1] for commands that need root.
2) Use SSH[2] or Kerberos[3].
[1] http://www.courtesan.com/sudo/
[2] http://www.openssh.com/
[3] http://www.pdc.kth.se/kth-krb/
More information about the SunHELP
mailing list