Home / ubuntu / Questions / 508864
Accepted
blanket_cat
Asked: 2014-08-09 18:39:52 +0800 CST

How do you limit root to no more than 1 login at a time?

  • 772

I took a practice test for a cert and one of the questions was "Limit root to no more 2 simultaneous logins, make this configuration persistent between restarts". I didn't even really know this was possible. Is this just for ssh or could you do this for all terminal access on the machine? If so, how?

ssh

3 Answers

  1. Best Answer

    One way would be to limit the terminals through which root login is allowed. This is done by editing /etc/securetty. Just let securetty contain any two TTYs and you're done.

    • 1

  2. You can edit /etc/security/limits.conf and add:

    root hard maxlogins 1

    This will limit the total number of root login shells to 1, and it includes both local and remote access.

    • 1

  3. Nevert tried this but would go the following way:

    1. Make bin/bash and other shells unaccessible to root.
    2. Create script that would run bash if not already running, otherwise exit.
    3. Assign this script as root shell.
    • -1