Using the Secure Attention Key

Edit online

A trusted communication path is established by pressing the Secure Attention Key (SAK) reserved key sequence (Ctrl-X, and then Ctrl-R).

Note: Use caution when using SAK because it stops all processes that attempt to access the terminal and any links to it (for example, /dev/console can be linked to /dev/tty0).

A trusted communication path is established under the following conditions:

When logging in to the system
After you press the SAK:
- If a new login screen displays, you have a secure path.
- If the trusted shell prompt displays, the initial login screen was an unauthorized program that might have been trying to steal your password. Determine who is currently using this terminal by using the who command and then log off.
When you want the command you enter to result in a trusted program running. Some examples of this include:
- Running as root user. Run as root user only after establishing a trusted communication path. This ensures that no untrusted programs are run with root-user authority.
- Running the su, passwd, and newgrp commands. Run these commands only after establishing a trusted communication path.