How to disable the su to root in Linux using PAM.

The default Linux behavior allows the user to gain root access by typing su and entering the root password to gain a root prompt. If you wish to disable this behavior, then run this command: vim.tiny /etc/pam.d/su then uncomment this line:

#auth required use_uid

This will require a user to login as root at a terminal to be able to use a root prompt. They will no longer be able to use su to login as root. This is the default configuration in FreeBSD. And might be useful to anyone who wants to prevent users accessing root via su.

No comments have been made. Use this form to start the conversation :)

Leave a Reply