Oracle Solaris Trusted Extensions Configuration Guide

ProcedureEnable Remote Login by root User in Trusted Extensions

As in the Solaris OS, root can log in remotely from a labeled system when the CONSOLE entry is disabled.

If you plan to administer a remote system by editing local files, use this procedure.

  1. In the trusted editor, comment out the CONSOLE= line in the /etc/default/login file.


    # /usr/dt/bin/trusted_edit /etc/default/login
    

    The edited line appears similar to the following:


    #CONSOLE=/dev/console
  2. Permit root user login over an ssh connection.

    Modify the /etc/ssh/sshd_config file. By default, ssh is enabled on a Solaris system.


    # /usr/dt/bin/trusted_edit /etc/ssh/sshd_config
    

    The edited line appears similar to the following:


    PermitRootLogin yes
    
Next Steps

To log in as the root user from an unlabeled system, you must also complete Enable Remote Login From an Unlabeled System.

To enable remote login by a role, continue with Enable Remote Login by a Role in Trusted Extensions.