geekvenue.net

Welcome to Chucktips Hardware HELP WITH DEAD OS Installing FreeBSD Miscellaneous
 faq
 search
 add article
 cool-stuff
 how-to
 main
 tips


TIP: Secure root with autologout
Security and Firewalls Posted by Jason on Friday February 22, @12:15PM
from the lockdown-root dept.
The FreeBSD default shell (tcsh) has an automatic logout feature which will logout an account that has been idle for a specified amount of time. This feature can be used to better secure your root account- in case you forget to logout.

The command to enable this feature is set autologout = x. Where x is the number of idle minutes before an automatic logout will occur.

You can add this command to your /root/.profile file to be sure it set everytime you login to the system as root.

To set an automatic logout for 15 minutes, simply edit the .profile for the root account with your preferred editor (ee or vi in my case). Login as root like so:

Login: root
Password:********

# cd /root
# ee .profile

add:
set autologout = 15

Save the file, logout and login as root again. If you don't use the console for 15 minutes, the system should automatically log you out.


To learn more about the commands in FreeBSD and other Unix OS's, try the man pages:

man tcsh
man ee
man vi


<  |  >

 

Related Links
  • Articles on Security and Firewalls
  • Also by Jason
  • Contact author

    Lilliput Mini USB Computer Monitor

    If you have ever wanted to learn about Cisco Routers, check out my new book "Cisco Routers for the Small Business" - it's Cisco CLI for the Regular Guy!

    • Sponsors

    The Fine Print: The following comments are owned by whoever posted them.
    ( Add a Reply )

    Re: TIP: Secure root with autologout
    by Santhosh Joseph on Tuesday February 26, @02:26AM

    With bash shell, autologout can be enabled by setting the environment variable "TMOUT" :

    export TMOUT=x where x is in SECONDS


    [ Add a Reply to this ]
    • Re: TIP: Secure root with autologout
      by Derrek on Monday August 06, @01:07PM

      sh, ash, bash, bsh, ksh all use TMOUT in /etc/profile (export TMOUT=) csh and tcsh use /etc/csh.cshrc or /etc/csh.login (set autologout=)

      Just tested this on Linux.

      -Derrek
      [ Reply to this ]
      • Re: TIP: Secure root with autologout
        by Derrek on Monday August 06, @01:08PM

        Also,

        TNOUT value is in seconds. autologout value is in minutes.

        -Derrek
        [ Reply to this ]
        • Re: TIP: Secure root with autologout
          by aixadmin on Wednesday December 02, @06:21AM

          to display the TMOUT value from ksh we can use export $TMOUT.. any idea how can we display env variables in csh ?
          [ Reply to this ]

     
    The Fine Print: The following comments are owned by whoever posted them.
    ( Article Reply )

    "You never know how many friends you have until you own a Condo on the beach." -- Jason's Postulate

    Powered by Zope  Powered by Apache  Squishdot Powered
    All trademarks and copyrights on this page are owned by their respective companies. Comments are owned by the Poster. The Rest ©2001 Jason Neumann.
    [ main | post article | search ]