Re: Solaris root login only at console question

From: Doug Hughes (doug@Eng.Auburn.EDU)
Date: 01/23/02


Date: Tue, 22 Jan 2002 18:11:22 -0600 (CST)
From: Doug Hughes <doug@Eng.Auburn.EDU>
To: martha.crocker@philips.com


On Mon, 21 Jan 2002 martha.crocker@philips.com wrote:

> I was just running through my machines checking to make sure they had all been changed
> so that direct root login isn't allowed except on the console. I noticed an interesting thing
> with Solaris 2.5 & Sol 8, if I attempt a login as root, either with the correct password or with an
> incorrect password, I get the same message:
>
> UNIX(r) System V Release 4.0 (nodename)
>
> login: root
> Password:
> Not on system console
> Connection closed by foreign host.
>
> BUT, if I do the same on Solaris 2.6 and 7, I only get this message if I supply the correct
> root password. If I supply the incorrect password, I get another prompt for username:
>
> SunOS 5.6
>
> login: root
> Password:
> Login incorrect
> login: root
> Password:
> Not on system console
> Connection closed by foreign host.
>
> Has anyone else ever noticed this?
> Is this perhaps a bug?
> Is there a cure?
>

Have you modified your /etc/default/login at all?

the correct CONSOLE line would be
CONSOLE=/dev/console

Of course, this would have no bearing on things like ssh
unless UseLogin was set to true. Ssh has its own
mechanisms for allowing or prohibiting remote login as root.
        Doug