In this course, you'll learn about account security in Linux including pluggable authentication modules (PAM), password security, account access controls, and account types.
Learning Objectives
- Learn about PAM and how to configure pluggable authentication modules
- Understand the different types of accounts you'll find on a Linux system and the special precautions you need to take with each account type
- Learn how to enforce good password security practices on your Linux systems
- Learn how to make an account's password expire, how to expire an account itself, and how to lock and unlock accounts
- Understand how to monitor log files and use intrusion detection systems
- Learn about multi-factor authentication and how it can be implemented in Linux
Intended Audience
This course is intended for anyone who wants to understand how to secure their Linux systems.
Prerequisites
To get the most out of this course, you should already have a good working knowledge of Linux. If you want to brush up on your Linux skills, consider taking our Learn Linux in 5 Days learning path first.
I'm going to log into this Linux system as root. Let's go ahead and look at the Pam configuration for log in. Here you can see that the auth interface of the Pam underscore securetty module is being used. I'm going to run the W command which will show what device I'm logged in as. Okay, I'm on tty1. Now let's look at the etc securetty file. Here you can see a list of devices that root is allowed to log into. You can see that tty1 is listed and that's what I'm logged into right now. I'm going to remove tty1 and attempt to log in again. Remove that, write the file, close out. Log in this root. And I supplied the root password correctly. I'll do it again. And sure enough it's not letting me log into the system. So tty1 represents the first virtual console on a Linux machine. To get to the second virtual console you type CTRL + ALT + F2. To get to the third you type CTRL + ALT + F3 and so on. So I'm going to switch to the second virtual console right now by typing CTRL + ALT + F2. Now I should be able to log in as root because tty2 the second virtual console is in the etc securetty file. Let me try that out. Log in as this root. I get access, I run the W command and sure enough I'm on tty2. And tty2 is indeed in the etc securetty file. I'm going to empty etc securetty file. I can do this by a couple of different ways. I'll just edit it, and Just delete all the lines in it and write it. So let me look at that file. Sure enough nothing's in there. So now when I go to log into root I should not be allowed. Again I can't log in as root on this tty because it's not listed in the securetty file. I'll go ahead and log in as myself with my normal user account. And sure enough that works. Again, the etc securetty file controls root logins but not normal account logins. So if you wanna prevent direct root log ins create an anti securetty file.
Jason is the founder of the Linux Training Academy as well as the author of "Linux for Beginners" and "Command Line Kung Fu." He has over 20 years of professional Linux experience, having worked for industry leaders such as Hewlett-Packard, Xerox, UPS, FireEye, and Amazon.com. Nothing gives him more satisfaction than knowing he has helped thousands of IT professionals level up their careers through his many books and courses.