Reference Guide

Crypto-C ME Cryptographic Toolkit 9
RSA BSAFE Crypto-C Micro Edition 4.1 Security Policy
Level 1
2.1.3 Configuring Single User Mode
This section describes how to configure single user mode for the different operating
system platforms supported by Crypto-C ME.
Microsoft Windows
To configure single user mode for systems running a Microsoft Windows XP
Professional, Windows Vista Enterprise, Windows 7 Enterprise, Windows 8
Enterprise, Windows 2003 Server Enterprise, Windows 2008 Server Enterprise, or
Windows 2012 Server Standard operating system, guest accounts, server services,
terminal services, remote registry services, remote desktop services, and remote
assistance must be disabled. For detailed instructions on how to perform these tasks,
see the Microsoft support site.
Red Hat Enterprise or Fedora, Novell SUSE, or Canonical Ubuntu Linux
To configure single user mode for systems running a Red Hat Enterprise or Fedora,
Novell SUSE, or Canonical Ubuntu Linux operating system:
1. Log in as the root user.
2. Edit /etc/passwd and /etc/shadow to remove all the users except root and
the pseudo-users (daemon users). Make sure the password fields in
/etc/shadow for the pseudo-users are either a star (*) or double exclamation
mark (!!). This prevents login as the pseudo-users.
3. Edit /etc/nsswitch.conf so files is the only option for passwd, group, and
shadow. This disables the Network Information Service (NIS) and other name
services for users and groups.
4. In the /etc/xinetd.d directory, edit rexec, rlogin, rsh, rsync, telnet,
and wu-ftpd, setting the value of disable to yes.
5. Reboot the system for the changes to take effect.
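
The result of steps 2 to 4 can be verified after the reboot with a read-only check. The script below is an added example, not part of the Security Policy or the toolkit; the function names and the ROOT prefix argument are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: read-only audit of steps 2-4 of the Linux procedure.
# ROOT (first argument) is a hypothetical prefix so a copied or constructed
# tree can be checked instead of the live /etc.

# Step 2: accounts other than root whose /etc/shadow password field is not
# "*" or "!!" (leftover users, or pseudo-users that could still log in).
loginable_accounts() {
    awk -F: 'FILENAME == ARGV[1] { pw[$1] = $2; next }
             $1 != "" && $1 != "root" && pw[$1] != "*" && pw[$1] != "!!" { print $1 }' \
        "$1/etc/shadow" "$1/etc/passwd"
}

# Step 3: passwd, group or shadow entries that list anything besides "files".
nsswitch_violations() {
    awk '{ sub(/#.*/, "") }
         $1 ~ /^(passwd|group|shadow):$/ && !(NF == 2 && $2 == "files") { print $1 }' \
        "$1/etc/nsswitch.conf"
}

# Step 4: listed xinetd services that are present without "disable = yes".
xinetd_enabled() {
    for svc in rexec rlogin rsh rsync telnet wu-ftpd; do
        f="$1/etc/xinetd.d/$svc"
        [ -f "$f" ] || continue
        grep -Eq '^[[:space:]]*disable[[:space:]]*=[[:space:]]*yes[[:space:]]*$' "$f" \
            || echo "$svc"
    done
}

# Run all three checks; print findings and return 1 if any step is incomplete.
audit_single_user() {
    root="${1:-}"
    findings=$(
        loginable_accounts "$root" | sed 's/^/step 2: login possible for /'
        nsswitch_violations "$root" | sed 's/^/step 3: non-files source on /'
        xinetd_enabled "$root" | sed 's/^/step 4: xinetd service enabled: /'
    )
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Stand-alone use (as root, since /etc/shadow is read): sh audit.sh /
if [ "$#" -gt 0 ]; then
    audit_single_user "$1"
fi
```
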
Oracle Solaris
To configure single user mode for systems running an Oracle Solaris operating
system:
1. Log in as the root user.
2. Edit /etc/passwd and /etc/shadow to remove all the users except root and
the pseudo-users (daemon users). Make sure the password fields in
/etc/shadow for the pseudo-users are either a star (*) or double exclamation
mark (!!). This prevents login as the pseudo-users.
3. Edit /etc/nsswitch.conf so files is the only option for passwd, group, and
shadow. This disables the Network Information Service (NIS) and other name
services for users and groups.
4. Edit /etc/inet/inetd.conf to remove or comment out the lines for remote
login, remote command execution, and file transfer daemons.
5. Reboot the system for the changes to take effect.