Just put this line in your /etc/profile : TMOUT=900 So after a while noone clicks anything, it will logout automatically and nobody will have access to your server without knowing the root password .
--- Departamento de Soporte Tecnico www.ipv4networks.com InternetWorking Solutions Av. Dr. Honorio Pueyrredon 1694 Tel: (05411)-4586-0134 Fax:(05411)-4585-7550 ----- Original Message ----- From: "Shawn K. Quinn" <[EMAIL PROTECTED]> To: <misc@openbsd.org> Sent: Sunday, June 25, 2006 8:58 PM Subject: Re: Doubts about OpenBSD security. On Wed, 2006-06-21 at 14:23 -0300, JoC#o Salvatti wrote: > Let's suppose an attacker entered the room where an OpenBSD server is > located in, and by mistake the system administrator has forgotten to > logout the root login session. So the attacker could enter in single > user mode, without the need for the root password, and load a > malicious kernel module. He also could do millions of other things, > but changing root's password, because the system administrator would > notice it immediatelly. There isn't much to be done at the operating system level to compensate for a lack of physical security. Asking for the password when it's already circumvented is futile. > I believe it could be more difficult for the attacker if there were a > different password to log in the system in single user mode. It would just be annoying for untold numbers of OpenBSD sysadmins across the planet, and would not fulfill any real security goal. -- Shawn K. Quinn