whoever are the member 'dba' group can login as the SYSDBA
sqlplus / as sysdba
By set parameter SQLNET.AUTHENTICATION_SERVICES in the file SQLNET.ORA. If this parameter is set to NONE, then the auto login of the SYSDBA role is disabled.
From that point on, if a *nix user belonging to the group dba wants to connect using the familiar login:
$ sqlplus / as sysdba
They will get:
ORA-01031: insufficient privileges
To connect, you must provide the SYS password.