Christopher Gorski wrote:
> I'm going away on vacation, and I want to be able to configure my system
> from away. How do I enable the root account to be accessable through
> telnet? I know I can su, but that doesn't give me access to all the
> commands I need (such as useradd).
The solution to this one is to use 'su -' instead of plain su. su <username>
by itself changes your user id to the named user (or root if you don't name
any user). su - <username> (note the dash) not only changes your user id, but
also runs the initialization scripts associated with the user you're changing
to. So among other things, you adopt the path of the user (in this case root)
and therefore access to all of the same commands. (If you want to look at
those user-specific config files, go to your home directory, type ls -a, and
look for the files that have dots as their initial characters -- many of them
are at least partially self-explanatory when pumped through your favorite text
editor.)
WRT the remote-user-security thing, disallowing remote root logins puts 'one
more barrier' in the way of a potential intruder. Instead of cracking your
root account remotely, they have to find some other account to crack first,
and then use that to lever their way into root access (while, hopefully, your
log daemons and human users keep careful watch for odd goings-on within the
system). As with most security measures, the decision to use remote-root
disabling (or not) depends entirely on you (and your site's security policy,
of course ;) ).
How paranoid are you? What have you got to lose if somebody snags your root
password? (time/trouble/annoyance to yourself and possibly others?)
On the other hand, since su - will get you all the root access you need, the
real inconvenience issue is sort of a non point. :)
If you _must_ enable remote root, I think you can do it by adding your dialup
device to the /etc/securetty file. But really, don't do that just to save
yourself typing one dash.
--
PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
http://www.redhat.com/RedHat-FAQ /RedHat-Errata /RedHat-Tips /mailing-lists
To unsubscribe: mail [EMAIL PROTECTED] with
"unsubscribe" as the Subject.
