On Tue, Feb 25, 2003 at 05:08:37PM +0100, Vincent Couvreur wrote:
> In my securetty i 've already have :
> And it does not work
> ----- Original Message -----
Hi Vince,
Looks like my original post got truncated at the first "." alone as the first
char on a line. -- (trivia question everyone - why did this happen? );-) 

I'll modifiy the post so all of it gets posted this time.  Since you can login
as other users but not root I'm pretty sure that the securetty file is 
your problem.   (but using telnet to login as root is still a poor ides
I use ssh even on my home LAN and telnet is disabled.)

Here is the full post:


yep, definitely a no-no.  Anyone running tcpdump or ethereal or any one of
dozens of linux or Windows packet sniffers can snatch your root password off
the LAN.  If your not worried about that then add the names of the tty lines
you wish to be able to login as root from to the file /etc/securetty

The file can look like this:
[EMAIL PROTECTED] root]# cat /etc/securetty
vc/1
vc/2
vc/<N>
...
tty1
tty2
tty<N>
....
pts/1
pts/2
pts/<N>
.....


where vc - virtual consoles ( these should be there!)
and tty = serial ports, including modem lines
and pts = pseudo ports - mainly Ethernet sockets, for coming in over the
network.

I recommend you skip telnet and use ssh.  It allows you to do everything
telnet does but it connects over an encrypted link so your password can't get
sniffed and no one can login to your system as root remotely even if they have
the password via telnet (assumes securetty doesn't have pts's in it)  This way
you are "more" protected when someone gets past your firewall. (but even
"more" is a relative thing.)

Ans to trivia question - to many mailers "." alone on a line indicates the
end of the email message.



-- 
Jeff Kinz, Emergent Research,  Hudson, MA.  "[EMAIL PROTECTED]" 
"[EMAIL PROTECTED]" copyright 2003.  Use is restricted. Any use is an 
acceptance of the offer at http://users.rcn.com/jkinz/policy.html.
-- 
Jeff Kinz, Emergent Research,  Hudson, MA.  "[EMAIL PROTECTED]" 
"[EMAIL PROTECTED]" copyright 2003.  Use is restricted. Any use is an 
acceptance of the offer at http://users.rcn.com/jkinz/policy.html.



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Reply via email to