Welcome to Linux Knowledge Base and Tutorial
"The place where you learn linux"
GetNetWise: You
e One Click Away

 Create an AccountHome | Submit News | Your Account  

Tutorial Menu
Linux Tutorial Home
Table of Contents
Up to --> Basic Administration

· User Accounts
· logging in

Man Pages
Linux Topics
Test Your Knowledge

Site Menu
Site Map
Copyright Info
Terms of Use
Privacy Info
Masthead / Impressum
Your Account

Private Messages

News Archive
Submit News
User Articles
Web Links


The Web

Who's Online
There are currently, 173 guest(s) and 0 member(s) that are online.

You are an Anonymous user. You can register for free by clicking here

Linux Tutorial - Basic Administration - User Accounts - logging in
  User Accounts ---- Terminals  

logging in

Users gain access to the system through "accounts." This is the first level of security. Although it is possible to configure applications that start directly on specific terminals, almost everyone has logged into an Linux system at least once. More that likely, if you are one of those people who never login, you never see a shell prompt and are probably not reading this book.

Most Linux systems have a standard login. The figure below shows what the login process looks like. You see the name of the system, followed by a brief message (the contents of /etc/issue) and the login prompt, which usually consists of the system name and the word login. This is a text file, so you can edit it as you please. Because it is read dynamically, the changes will appear the next time someone tries to log in. After the contents of /etc/issue, you see the login prompts, such as


When you login, you are first asked your user name and your password. Having been identified and your password verified, you are allowed access to the system. This often means that the system starts a shell for you. However, many programs can be used in place of a shell.

Image - The login process.(interactive)

One entry in the password file is your home directory, the directory that you have as your current directory when you log in. This is also the place to which the shell returns you if you enter cd with no arguments.

After determining your login shell and placing you in your home directory, the system will set up some systemwide defaults. If you have a Bourne or Bourne Again-shell, these are done through the /etc/profile file. If bash is your login shell, the system runs through the commands stored in the .profile in your home directory then the .bashrc file, provided they exist. If you have sh, then there is no equivalent for the .bashrc file. If you have a Z-shell, the system defaults are established in the /etc/zprofile file. The system then executes the commands in the .zshrc and .zlogin files in your home directory, provided they exist. See the appropriate man-page and the section on shell basics for more details.

During the login process, you are shown several pieces of information about the local system. Before the login prompt, you usually see the contents of the /etc/issue file, as I mentioned earlier. After your login is successful, you will normally see a message about the last login and the message of the day. The message of the day is the contents of the file /etc/motd.

In some cases, all of this information is bothersome. For example, many businesses have either menus that their users log into or applications that start from their users .profile or .login. In some cases, the information is of little value.

In some cases, even knowing that this is an UNIX system could be a problem. There are many hackers in the world who would just love the chance to try to crack your security. By not even telling them what kind of system you have, you reduce the amount by which they are tempted. At least, that's one more piece of information that they need to figure out. Therefore, we need a way to disable these messages.

The two obvious ways are by using /etc/issue and /etc/motd. By default, both of these files contain information about your system. By either changing the contents or removing the files altogether, you can eliminate that source of information.

Another way is the login: prompt itself. Again, by default, this prompt contains the name of your system. This may not concern most system administrators, however, in cases where security is an issue, I might like to disable it. The prompt comes from the /etc/gettydefs file. The gettydefs file contains information the getty program uses when it starts the login program on a terminal. The more common lines in the gettydefs file contain an entry that looks like this:

@S login:

Take a look at the

prompt and you will see that it also contains the literal string login: immediately following the name of the system. The name of the system comes from @S. By changing either of the parts (or both), you can change the appearance of your login prompt, even removing the name of the system, if you want.

The getty(1m) man-page contains a list of the different information that you can include with the login: prompt. If you are providing PPP services, I recommend that you do not cahnge anything in your login prompt, such as the date/time or the port name. This makes creating chat scripts difficult, as the users trying to login will not know what to expect.

At this point, we are left with the last login messages. Unfortunately, these are not contained in files that are as easily removed as /etc/motd and /etc/issue. However, by creating a file, the file .hushlogin in your home directory, we can remove them. It has no contents; rather, the existence of this file is the key. You can create it simply by changing to a users home directory (yours, if you are that user) and running

Often administrators want to keep users' knowledge of the system as limited as possible. This is particularly important for systems with a high level of security in which users start applications and never see the shell prompt. One give-away to what kind of system you are on is the following line when you login:

Last login: ...

System administrators often call support asking for a way to turn this feature off. Fortunately, there is a way. This, too, is disabled by creating the .hushlogin file. Once this functionality is enabled, you can simplify things by having this file created every time a new user is created. This is done by simply adding the .hushlogin file to the /etc/skel directory. As with every other file in this directory, it will be copied to the user's home directory whenever a new user is created.

One thing to consider before you turn this feature off is that seeing when the last login was done may indicate a security problem. If you see that the last login was done at a time when you were not there, it may indicate that someone is trying to break into your account.

You can see who is currently logged in by running either the who or w command. These commands are kept in the file utmp in your system log directory (/usr/adm, /var/log, etc). Once the system reboots, this information is gone.

You can also see the history of recent logins by using the last command. This information is kept in wtmp in the system log directory. This command is kept between reboots and, depending on how active your system gets, I have seen this file grow to more than a megabyte. Therefore, it might not be a bad idea to truncate this file at regular intervals. (Note that some Linux distributions do this automatically.)

One way to limit security risks is to keep the root account from logging in from somewhere other than the system console. This is done by setting the appropriate terminals in /etc/securetty. If root tries to log into a terminal that is not listed here, it will be denied access. It is a good idea to list only terminals that are on the system console (tty1, tty2, etc.).

If you really need root access, you can use telnet from a regular account and then su to root. This then provides a record of who used su.

 Previous Page
User Accounts
  Back to Top
Table of Contents
Next Page 


Test Your Knowledge

User Comments:

You can only add comments if you are logged in.

Copyright 2002-2009 by James Mohr. Licensed under modified GNU Free Documentation License (Portions of this material originally published by Prentice Hall, Pearson Education, Inc). See here for details. All rights reserved.



Security Code
Security Code
Type Security Code

Don't have an account yet? You can create one. As a registered user you have some advantages like theme manager, comments configuration and post comments with your name.

Help if you can!

Amazon Wish List

Did You Know?
You can choose larger fonts by selecting a different themes.


Tell a Friend About Us

Bookmark and Share

Web site powered by PHP-Nuke

Is this information useful? At the very least you can help by spreading the word to your favorite newsgroups, mailing lists and forums.
All logos and trademarks in this site are property of their respective owner. The comments are property of their posters. Articles are the property of their respective owners. Unless otherwise stated in the body of the article, article content (C) 1994-2013 by James Mohr. All rights reserved. The stylized page/paper, as well as the terms "The Linux Tutorial", "The Linux Server Tutorial", "The Linux Knowledge Base and Tutorial" and "The place where you learn Linux" are service marks of James Mohr. All rights reserved.
The Linux Knowledge Base and Tutorial may contain links to sites on the Internet, which are owned and operated by third parties. The Linux Tutorial is not responsible for the content of any such third-party site. By viewing/utilizing this web site, you have agreed to our disclaimer, terms of use and privacy policy. Use of automated download software ("harvesters") such as wget, httrack, etc. causes the site to quickly exceed its bandwidth limitation and are therefore expressly prohibited. For more details on this, take a look here

PHP-Nuke Copyright © 2004 by Francisco Burzi. This is free software, and you may redistribute it under the GPL. PHP-Nuke comes with absolutely no warranty, for details, see the license.
Page Generation: 0.06 Seconds