Restrict Virtual Console Root Logins
An XCCDF Rule
Description
To restrict root logins through the (deprecated) virtual console devices,
ensure lines of this form do not appear in /etc/securetty
:
vc/1 vc/2 vc/3 vc/4
Rationale
Preventing direct root login to virtual console devices helps ensure accountability for actions taken on the system using the root account.
- ID
- xccdf_org.ssgproject.content_rule_securetty_root_login_console_only
- Severity
- Medium
- References
- Updated
Remediation - Shell Script
sed -i '/^vc\//d' /etc/securetty