Account only on the console
Polytropon
freebsd at edvax.de
Fri Jan 18 14:31:41 UTC 2013
On Fri, 18 Jan 2013 15:19:24 +0100, Albert Shih wrote:
> Hi all,
>
> I would like to known how I can create a root-account (uid=0, login not=root)
> but I want this account accessible only on the console. Not from ssh but
> event not from su (other than root).
Add a new account with UID 0 (comparable to "toor").
You can do this interactively with the "adduser" command.
To prevent SSH login, use the "DenyUsers" keyword in
/etc/ssh/sshd_config. Also make sure to put this account
name into /etc/ftpusers in case you have FTP open.
Regarding su, everyone who is in the "wheel" group _and_
knows the new account's password will be able to su; make
sure the password is _not_ known to them. Users outside
of "wheel" cannot su anyway.
--
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
More information about the freebsd-questions
mailing list