LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 02-27-2003, 04:46 AM   #1
dibakar
LQ Newbie
 
Registered: Feb 2003
Posts: 22

Rep: Reputation: 15
Red face TELNET, FTP, Mail Clients...


Hi,
All

I am not able to Telnet, Ftp to my Linux Server as root, but I can log into my linux Server as non-root. I have created one user named "Sap" and I can log into the Linux server as "Sap"...but the login is denied if I try to log in as root...why ???? I m totally clueless ...please help me......is it feasible at all or not...???please lemme know...

Also I am not able to access mails sent to root using my mail clients "Kmail" and " Netscape Communicator", but I am able to access the mails of other users using same mail clients "Kmail" and " Netscape Communicator"...why????
Please help me as I need a solution soon.....
Any response will be highly appeciated....

Thanks in advance....
 
Old 02-27-2003, 04:55 AM   #2
xYko
Member
 
Registered: Feb 2003
Location: Helsingborg, Sweden
Distribution: Slackware
Posts: 52

Rep: Reputation: 16
Most distributions come with configuration files forbidding remote root login. I think there should be a file /etc/securetty or something like that, look at that..
Dont know about the mail, but the usual convention is that mail to root@ gets forwarded to a normal account, so root shouldn't really get any mail.
Log in as a normal user and use the 'su' command to become root instead. I wouldn't do it across telnet though, since it's completely unencrypted, might get snooped along the way..
 
Old 02-27-2003, 03:46 PM   #3
BenCarlisle
LQ Newbie
 
Registered: Feb 2003
Distribution: RH7,RH8,Slack
Posts: 29

Rep: Reputation: 15
Dibakar,

As xYKo indicated, you may modify your /etc/securetty file to allow root to telnet into the machine. Or you can telnet in as another user and then use su - root to switch to the root user.

As far as FTP, it depends on which daemon you're using, but most of them use the /etc/ftpusers file which lists the users that may not log into the machine using FTP.

That being said, if you need secure access to your machine (and you do, assuming you are connecting to it over public networks), you will want to install ssh (website). It will allow you to login as root, as your authentication information, as well as all traffic, is encrypted.

Hope this helps further.
 
Old 03-02-2003, 12:07 PM   #4
dibakar
LQ Newbie
 
Registered: Feb 2003
Posts: 22

Original Poster
Rep: Reputation: 15
Hello,
xYKo and Bencarlisle

I am able to find and open the /etc/securetty file with "vi" editor, but not sure what to modify/add in that file so that root can telnet to the linux server. Please write to me clearly that what should I add or modify in that file to allow root to telnet to the Linux server. Also please note that I am not connecting to the public network. I have an intranet and using Kmail . Netscape communicator as clients. I am able to access mails as other users using Kmail and Netscape Communicator, but i am not able to access the mails sent to root using Kmail and netscape communicator. Please help me !!
 
Old 03-02-2003, 12:42 PM   #5
trickykid
Guru
 
Registered: Jan 2001
Posts: 24,133

Rep: Reputation: 197Reputation: 197
Quote:
Originally posted by dibakar
Hello,
xYKo and Bencarlisle

I am able to find and open the /etc/securetty file with "vi" editor, but not sure what to modify/add in that file so that root can telnet to the linux server. Please write to me clearly that what should I add or modify in that file to allow root to telnet to the Linux server. Also please note that I am not connecting to the public network. I have an intranet and using Kmail . Netscape communicator as clients. I am able to access mails as other users using Kmail and Netscape Communicator, but i am not able to access the mails sent to root using Kmail and netscape communicator. Please help me !!
Let me state one thing, logging in thru telnet remotely as root is basically a big security risk. You might as well give out your IP address along with root password. You should never login over a remote connection as root, why not do it the safe way, use ssh and when you connect as a regular user, if you need to become root, then just issue the su command for root privileges. For even better security, setup sudo to perform tasks only root can perform.

But I would say no to giving root login access over a remote connection, its a very bad technique and not a good habit to pick up.

To edit in vi with some common commands used:

I ( Eye not L or one ) = Insert so you can type
Esc = Command mode to save, make changes. You have to be in Command mode after editing to save and exit.
qw! = A quick method to quit and write to the file.
Shift + ZZ = An even quicker way to exit saving changes.
x (while in command mode) = Deletes one character at a time.
dd (Command mode) = Deletes a whole line.
 
Old 03-03-2003, 10:10 AM   #6
dibakar
LQ Newbie
 
Registered: Feb 2003
Posts: 22

Original Poster
Rep: Reputation: 15
Okay trickykid, I can understand that concern of yours. But will someone please tell me what should I add/modify in /etc/securetty file so that one can telnet as root from a remote system.

Thanks
 
Old 03-03-2003, 04:02 PM   #7
BenCarlisle
LQ Newbie
 
Registered: Feb 2003
Distribution: RH7,RH8,Slack
Posts: 29

Rep: Reputation: 15
Okay, well, it's your system.

From the man page:

/etc/securetty is used by login(1); the file contains the device names of tty lines (one per line, without leading /dev/) on which root is allowed to login.

The altogether obvious reason is that you don't want root to telnet directly to your machine - Changing this from the default would be a galactically stupid idea. I do not recommend at all you allowing telnet root access. However, if you are so inclined, simply add the TTYs (read above) that you want root to be able to login on. For you, I assume it would be the pseudo TTYs on pts/0, 1, 2, .....

Again, I do not recommend doing this, instead I recommend the host of other options provided in this thread.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Configure & Connect a Linux mail server from a windows mail clients digihall7 Linux - Networking 4 10-23-2006 12:21 PM
Clients telnet for linux RaulBond Linux - Networking 4 08-12-2005 02:52 PM
Web clients (SSH, TelNet and IRC) Granden General 0 06-27-2005 03:24 AM
X forwarding over telnet/ssh to Windoze clients: How?! Napalm Llama Linux - Newbie 5 12-20-2004 03:02 PM
Store mail local and view with several mail clients... elluva Linux - Software 22 05-11-2004 04:27 PM


All times are GMT -5. The time now is 06:47 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration