Hello,
Have a look at /etc/security/access.conf - it is a very good way to
allow/disallow logins from the console or remote hosts. Just make sure you are
using the pam_access module in the configuration for your services in
/etc/pam.d: login, ssh, gdm or whatever methods are used to gain access to the
systém.
Regards,
Daniel
-----Original Message-----
From: [email protected] [mailto:[email protected]] On
Behalf Of Sharpe, Sam J
Sent: Wednesday, June 17, 2009 9:44 AM
To: Red Hat Enterprise Linux 5 (Tikanga) discussion mailing-list
Subject: Re: [rhelv5-list] Italian normative for administrative access
2009/6/17 Viggiani Domenico <[email protected]>:
> solarflow99 wrote:
>>> Domenico Viggiani wrote:
>>> - how can I manage administrative accesses by console
>>> (both real >consoles and remote consoles: iLO,
>>> VMware virtual consoles, etc)?
>>
>> i'm not sure I really understand that part
> At some point in time, everyone will need to access a machine by console.
> Direct, anonymous "root" access is allowed by default on console and I
> think that disabling it is not a viable solution (or am I wrong?). In
> any case, datacenters are usually phisically secured and staff access
> is identified by personal badge.
> But a problem still remains: consoles that can be accessed by network
> (VMware machines, iLO/DRAC ports for HP/Dell servers, etc).
> Is there a way to make console access compliant too?
iLO can be connected to Active Directory so that you can login to iLO (and log
logins) with personal accounts - but what account you use to get into the
server from iLO does not have to be your iLO login.
DRAC/VMware I don't know about.
--
Sam
_______________________________________________
rhelv5-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/rhelv5-list
_______________________________________________
rhelv5-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/rhelv5-list
