On Mon, Apr 19, 2004 at 08:57:13PM +0200, Svante Signell wrote: > I find these messages in my logfiles. What has changed recently? > The access to the tty devices is crw-rw---- and owned by root.tty. > > sshd[4196]: (pam_securetty) access denied: tty 'ssh' is not secure ! > xscreensaver: (pam_securetty) access denied: tty ':0.0' is not secure !
The purpose of securetty is to ensure that root can only login from terminals(normally only the console) to prevent dangerous logins e.g. login via telnet. It has nothing to do with permissions (if you are root they don't exacly matter anyway). See: /etc/securetty man 5 securetty /etc/pam.d man 7 pam I'd suggest removing the pam_securetty lines from pam.d/ssh and xscreensaver. I can't think of any security problems to that off the top of my head. > Please cc: me since I'm not subscribed to the list. Done Brian -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
