Disable Ctrl+Alt+Del (Demo)

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
21 hours 25 minutes
Difficulty
Intermediate
CEU/CPE
21
Video Transcription
00:00
>> Hey there Cybrarians.
00:00
>> Welcome back to the Linux plus course here at Cybrary,
00:00
>> I'm your instructor Rob Goelz.
00:00
In today's lesson, we're going to talk about
00:00
disabling control, alt, delete.
00:00
Upon completion of today's lesson,
00:00
you are going to be able to understand
00:00
why it's critical to disable Control,
00:00
Alt Delete on Linux systems and
00:00
we're going to talk about how to disable Control, Alt,
00:00
Delete that key combination
00:00
and both system, five system,
00:00
so SysVinit and systemd systems,
00:00
and we'll see how to do that during our demo today.
00:00
The Control Alt Delete combination has
00:00
several uses if you're in a Windows OS.
00:00
You could use it to lock a computer or you can
00:00
use it to wake up when it's an a screensaver mode,
00:00
you can also use it to open
00:00
task manager or sign out and switch to another user.
00:00
But we're in Linux, which
00:00
we obviously are for this course,
00:00
the control alt delete combination does only one thing.
00:00
It reboots the entire system.
00:00
If you have a Linux system with console accessible,
00:00
it's a really good idea to go in and
00:00
disable control alt delete.
00:00
Whether it's a physical console with keyboard,
00:00
video, and mouse connected to it,
00:00
or virtual console that someone could
00:00
connect to you when they're trying to do support,
00:00
they may not know that is a Linux system and
00:00
not a Windows system and they
00:00
may try and do control, alt delete and reboot it.
00:00
By disabling this, you're
00:00
going to prevent and divert reboots,
00:00
and you're also going to head off having to do
00:00
a job search when someone reboots a prod server.
00:00
In CSV or system V and its system like CentOS 6,
00:00
the Control Alt Delete combination is set in etc init,
00:00
and then it set be Control Alt Delete.conf.
00:00
The actual line in there is to exec or
00:00
run sbin shut down dash r now,
00:00
which means going to reboot automatically
00:00
with the message Control Alt Delete pressed.
00:00
Now, on a systemd system,
00:00
Control Alt Delete is
00:00
a combination configured as a target.
00:00
We can see the target file over here, we see the unit,
00:00
the description that's doing a reboot,
00:00
and we can see the alias there,
00:00
the Control Alt Delete target.
00:00
Let's see how to disable both of
00:00
these during our demo today.
00:00
[NOISE] Here we are
00:00
in our demo environment
00:00
and the first thing we're going to do
00:00
is work in CentOS because we
00:00
want to look at how you can go ahead
00:00
and disable Control Alt Delete in system V, CSV init.
00:00
In order to do that, what we have to do is edit that
00:00
Control Alt Delete.conf as sudo.
00:00
We're going to have to get root privileges in order to do
00:00
this because it isn't an init file.
00:00
We're going to go into etc/init,
00:00
and we're going to look for control
00:00
alt delete.conf [NOISE],
00:00
and now of course it's going to prompt
00:00
us for my password so that I can
00:00
become root temporarily as
00:00
sudo [NOISE], and now we're in.
00:00
Now what we can see is this line down here.
00:00
It says, exec/sbin/shutdown dash r now,
00:00
Control Alt Delete pressed.
00:00
Instead, we're going to have it
00:00
just do something with logger.
00:00
Now, logger is just a command that you can use
00:00
to log something into your messages,
00:00
into your logs on the system.
00:00
We're actually going to change this line
00:00
instead of saying sbin/shutdown,
00:00
I'm going to hit "Insert" here on my keyboard,
00:00
and I'm going to back this out.
00:00
I'm going to actually back this out quite a bit of
00:00
the way because we're going to change quite
00:00
a bit in this information,
00:00
and now what I'm going to do is I'm
00:00
going to put in user/bin/logger,
00:00
because that is the actual absolute path to
00:00
the logger utility or logger command,
00:00
and we're going to do -p. We're going to say that this
00:00
is an authpriv.notice,
00:00
so that that gets placed in the log file,
00:00
and then we're going to say -t init,
00:00
and now we're going to just say control alt delete was
00:00
pressed [NOISE] and ignored [NOISE].
00:00
Now this will just log when
00:00
somebody does this accidentally,
00:00
it'll just log an event,
00:00
but it won't actually reboot the system.
00:00
In order to finish making this change,
00:00
we just hit "Escape" colon
00:00
WQ and quit out of that file, and now we're good to go.
00:00
Now, if we were just to do
00:00
a Control Alt Delete on this system,
00:00
it would go ahead and login event,
00:00
but now reboot as I said.
00:00
Let's take a look at the same thing over in CentOS 8.
00:00
Here we are in our CentOS 8 system.
00:00
On our systemd system, this is easier.
00:00
We can just mask a target.
00:00
Like I said, this is a target.
00:00
We you can give a systemctl [NOISE]
00:00
list units dash dash
00:00
type equals target [NOISE].
00:00
There we go. We can see all of the targets
00:00
here that are set up on the system.
00:00
What we're going to do is we're actually
00:00
going to mask one here.
00:00
We'll just do sudo systemsctl
00:00
mask control+alt+delete.target,
00:00
and type in my password [NOISE].
00:00
Then that is not existing on this system.
00:00
Luckily, it's not set up,
00:00
but we can see it's going to
00:00
go ahead and create a similarly,
00:00
if this did exist on the system,
00:00
it would put it to dev/null.
00:00
We know by now that dev/null is that bit bucket.
00:00
In other words, if anybody has a control alt delete,
00:00
it won't do anything at all here,
00:00
it'll just put that command output the dev/null,
00:00
which as we all know, is basically a black hole.
00:00
On Linux systems, nothing gets done with that.
00:00
If you have any questions about masking,
00:00
go ahead refer back to Module 10,
00:00
where we talked a little bit more about that.
00:00
With that, we've reached the end of this lesson.
00:00
In this lesson we covered why it's critical to disable
00:00
the control alt delete combination on
00:00
any Linux systems with an accessible console.
00:00
Because it provides ample opportunity
00:00
to unfortunately reboot systems,
00:00
especially when their production that
00:00
can be a very bad day.
00:00
Then we showed how we could disable Control Alt Delete
00:00
on system V,
00:00
CSV/init, as well as systemd
00:00
systems during our demo today.
00:00
Thanks so much for being here and I look
00:00
forward to seeing you in the next lesson.
Up Next