On Thursday 26 June 2003 03:11, sxjcp blurted:

> I consider myself an intermediate user on Linux. I can do things very
> well, others not well at all. At my workplace, I've converted a former
> PIII NT machine into a smoking RH9.0 NetWorker client. One of the requests
> that my lead IT asked me to do is to set up this Linux box to be SSH
> enabled to transfer and store critical files. Although it was my first
> time doing so, I was able to impliment SSH, and then started looking for
> addtional security. So I downloaded the RH Linux Security Guide from RH's
> site.
>
> I was walking through the guide, and started working on root access. I
> wasn't reading ahead. Instead, I was just doing the commands that the
> guide instructed.

Bad Thing.

> First I changed the root shell in my /etc/passwd file from /bin/bash to
> /sbin/nologin.
>
> Second I disabled root access via any console device (tty) by creating an
> empty /etc/securetty file.
>
> Third I disabled root SSH logins by editing the /etc/ssh/sshd_config to
> set the PermitRootLogin to no.

What guide is that? Perchance the "users-fix-it-themselves" a.k.a.
"users-lart-themselves-HOWTO" in my top drawer?

> I didn't get as far as using PAM to limit root access services because at
> this point I then rebooted to test a previous security implementation to
> the grub.conf file to enforce pwords when login in to command line. I
> found out that something went wrong. I believe it was a bad crypto copy
> from the /sbin/grub-md5-crypt output, but that's not my problem. My
> problem is this. Because of my root access step one, I'm no longer to
> switch into root mode with su. I then tried to implement my commands with
> sudo. However, I cannot get it to accept my root password. FYI, because it
> was my first time running sudo, I didn't do any config on it. I know that
> my root password still works because when I execute any system setting
> programs, I can successfully start it with my root pword. I really want to
> edit my root shell back to /sbin/nologin. What is the correct
> implimentation of sudo? I've been entering the following below:
>
> $ sudo vi /etc/passwd
>
> I wish I were in front of my work workstation, but I'm currently at home
> and can't recall the output from that statement. All I know is that I
> can't get into it. Please can someone help me out here?

Boot it with a bootdisk or CD-ROM, mount the root drive in /mnt, cd there
and mount the usr drive in /mnt/usr. chroot /mnt, passwd, rm
/etc/securetty, change your root shell back and reboot.

--
QOTD:
"Sure, I turned down a drink once. Didn't understand the question."