Add user with wheel as secondary
group
Visudoer
Uncomment
%wheel ALL=(ALL) ALL
%wheel ALL=(ALL) NOPASSWD: ALL
Defaults env_reset,timestamp_timeout=10
ssh
PermitRootLogin No
Restart the service
$ grep password /etc/pam.d/system-auth
password required
pam_cracklib.so retry=3 minlen=14 lcredit=-1 ucredit=-1 dcredit=-1
ocredit=-1
password sufficient pam_unix.so remember=3 md5 shadow nullok try_first_pass use_authtok
# By adding an user account as eswaraiah.s-admin thru visudo, it is able to login to root with his password. How to avoid the non-wheel group users to stop logging in this way?
$ %dba ALL=/bin/su - oracle
password sufficient pam_unix.so remember=3 md5 shadow nullok try_first_pass use_authtok
# By adding an user account as eswaraiah.s-admin thru visudo, it is able to login to root with his password. How to avoid the non-wheel group users to stop logging in this way?
$ %dba ALL=/bin/su - oracle
No comments:
Post a Comment