Results 1 to 6 of 6
  1. #1

    2 or 3 password for enter root ssh


    is there any way to force root password to enter 2 or 3 password before root enter ssh ( for security reason )

  2. #2
    Join Date
    Oct 2003
    Georgetown, Ontario
    you could always disable direct root login so you have to login with a regular account, then su - into root.
    ∑∑ Repeat after me... ProSupport is the best... Prosupport is... ∑∑
    ProSupport Host Support System - OUT NOW! Grab a copy yourself and see what the hype is about!
    VertiHost Inc. - We run a quality business. Do you?

  3. #3
    cMark has the right idea. But if you don't want to go through the trouble of having to login and then type 'su' you could add a pseudo-user and in the user's $HOME/.profile have a "su".

    This way you would login as [email protected], be prompted for that user's password, then immediately be prompted for the root password, which seems like what you were wanting to do.

  4. #4
    Join Date
    Jan 2004
    You could restrict direct root login through ssh and tty. And then limit su - root to a single user, that would require you to login as a normal user first, and then login as root,a nd no one except that user can login as root.

    You would need to edit/make /etc/suauth to limit users logging in as root, add this:

    root:ALL EXCEPT usernameENY

    root being the user that cannot be logged into through su by anyone (ALL) except a single user (username) - DENY telling su not to allow the users to login.

    Try it out

    I have a reference on this, about 3 pages, I could sort out for you


    "You donít learn to hack, you hack to learn"

  5. #5
    Join Date
    Feb 2004

    You can do this by a simple shell script.

    (1) vi ~/
    (2) #!/bin/sh
    echo -n "Enter Password:"
    stty -echo
    read p
    stty -echo
    echo -n "Enter Password Again:"
    read p
    stty echo
    exit 0
    (3) chmod 755 ~/
    (4) vi ~/bash_profile
    (5) Add the line
    (6) Save and exit.

    Now try to ssh and check. Also you can customize the script based on your needs. Hope this script may be useful to sort out your problem.



  6. #6
    Join Date
    Jul 2002
    if someone has the password ones even if you ask him million times he will be able to enter id

    i'd say just disable direct ssh as root and keep su to only wheel accounts.

    make sure you dont lose your password in the first place
    Bashar Al-Abdulhadi - KuwaitNET Internet Services Serving customers since 1997
    Kuwait's First Webhosting and Domain Registration provider - an ICANN Accredited Registrar

    Twitter: Bashar Al-Abdulhadi

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts