# SSH security



## douglasfim (Feb 21, 2011)

I'm having the following problem:

With SSH on the server, I have 3 users:

root - locked in sshd_config
douglas - locked in sshd_config
dgf - allowed

If I log in as the user dgf, I can then log in as the user douglas with `$ su douglas`.

The user can try to break the password, don't you think? There is no limit on login attempts, and it will use the server's processing power. How can I fix this?

I tried changing the permissions of the "su" command, but it was not possible.


----------



## Alt (Feb 21, 2011)

It's not an SSH-related problem.
I think you should dig into pam.conf.


----------



## francis (Feb 22, 2011)

Maybe remove the dgf user from the *wheel* group with the pw(8) utility, so he will not be able to use the su command? 
Of course, only if he is in that group. Surely this command is used to become another user.

I hope that you remember about the other security issues?


----------



## DutchDaemon (Feb 22, 2011)

The wheel group only affects who can *su* root, not who can *su* in general.


----------



## douglasfim (Feb 25, 2011)

The *dgf* user is no longer part of the *wheel* group.

Now it's all right, thank you.


----------



## DutchDaemon (Feb 25, 2011)

That 'solution' defies logic. A user does *not* have to be part of the wheel group to *su* any other user, root excepted.


```
# groups user1
user1

$ id
uid=1002(user1) gid=1002(user1) groups=1002(user1)
$ su - user2
Password:
$ id
uid=1003(user2) gid=1003(user2) groups=1003(user2)
```


----------
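The behaviour shown in the reply above (wheel membership gating only `su` to root) comes from the `root_only` option on the `pam_group` line of the su PAM policy. The following shell check is an added example, not code from any poster in this thread: it reports whether a policy file applies the group test to root only or to every target. The helper name `su_group_scope` is hypothetical and the sample policies are constructed, modelled on FreeBSD's `/etc/pam.d/su`.

```shell
#!/bin/sh
# Added example (not from the thread). su_group_scope is a hypothetical helper.
# Reports how a pam.d-style su policy applies pam_group:
#   root-only   -> group membership is checked only when the target is root
#   all-targets -> group membership is checked for every su target
#   none        -> no blocking pam_group rule in the auth chain
su_group_scope() {
    scope=none
    while read -r facility control module opts; do
        case $facility in ''|'#'*) continue ;; esac     # blank lines, comments
        [ "$facility" = auth ] || continue
        case $module in *pam_group.so) ;; *) continue ;; esac
        # Only required/requisite make the membership test mandatory.
        case $control in required|requisite) ;; *) continue ;; esac
        root_only=no; deny=no
        for o in $opts; do                              # options may be tab-separated
            case $o in root_only) root_only=yes ;; deny) deny=yes ;; esac
        done
        [ "$deny" = yes ] && continue                   # deny inverts the test: not an allow-list
        if [ "$root_only" = yes ]; then scope=root-only; else scope=all-targets; fi
        break
    done < "$1"
    echo "$scope"
}

# Constructed sample policies, modelled on FreeBSD's /etc/pam.d/su (assumption).
SAMPLES=$(mktemp -d "${TMPDIR:-/tmp}/su-pam.XXXXXX")
cat > "$SAMPLES/su.root_only" <<'EOF'
auth  sufficient  pam_rootok.so  no_warn
auth  sufficient  pam_self.so    no_warn
auth  requisite   pam_group.so   no_warn group=wheel root_only fail_safe ruser
auth  include     system
EOF
# Same policy with root_only dropped: wheel is then required for any target.
sed 's/ root_only//' "$SAMPLES/su.root_only" > "$SAMPLES/su.all_targets"
# Policy with no pam_group line at all.
grep -v pam_group "$SAMPLES/su.root_only" > "$SAMPLES/su.none"

for f in "$SAMPLES"/su.*; do
    printf '%s: %s\n' "${f##*/}" "$(su_group_scope "$f")"
done
```

On a live system, point the function at the su policy file itself, for example `su_group_scope /etc/pam.d/su`.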



## douglasfim (Sep 14, 2011)

Solved, thanks.


----------

