5.5 Ensure root login is restricted to system console

Information

The file /etc/securetty contains a list of valid terminals that may be logged in directly as root.

Rationale:

Since the system console has special properties to handle emergency situations, it is important to ensure that the console is in a physically secure location and that unauthorized consoles have not been defined.

Solution

Remove entries for any consoles that are not in a physically secure location.

See Also

https://workbench.cisecurity.org/files/3738