3.2.8 /etc/security/user - rlogin

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Defines whether or not the root user can login remotely.

In setting the rlogin attribute to false, this ensures that the root user cannot remotely log into the system. All remote logins as root should be prohibited, instead elevation to root should only be allowed once a user has authenticated locally through their individual user account.

Solution

In /etc/security/user, set the root stanza rlogin attribute to false-

chsec -f /etc/security/user -s root -a rlogin=false

This means that the root user will not be able to log in the system directly.

See Also

https://workbench.cisecurity.org/files/528