LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 02-05-2003, 03:47 AM   #1
adme
Member
 
Registered: Jan 2003
Distribution: Redhat Psyche, Redhat Shrike, Solaris 9
Posts: 51

Rep: Reputation: 15
telnet via xinetd refuse root password


Hi Geeks,

I enabled here telnet:
[root@dell02 xinetd.d]# cat telnet
# default: on
# description: The telnet server serves telnet sessions; it uses \
# unencrypted username/password pairs for authentication.
service telnet
{
flags = REUSE
socket_type = stream
wait = no
user = root
server = /usr/sbin/in.telnetd
log_on_failure += USERID
disable = no
}
and restartet de daemon
[root@dell02 xinetd.d]# ps -ef | grep xinetd
root 969 1 0 Feb04 ? 00:00:00 xinetd -stayalive -reuse -pidfil
root 2522 1197 0 11:31 pts/0 00:00:00 grep xinetd
[root@uaila36 xinetd.d]# kill -1 969

when i try to telnet as root i get what you see (from localhost, via ssh) as normal user it works !!

[root@dell02 xinetd.d]# telnet localhost
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
Red Hat Linux release 7.3 (Valhalla)
Kernel 2.4.18-3 on an i686
login: root
Password:
Login incorrect

login: Connection closed by foreign host.
[root@dell02 xinetd.d]#

i am not sure and believe this is a PAM problem, but I dont know how to enable it via PAM.

I know that telnet is a insecure service!!! i am behind a Firewall-1 (checkpoint) in a trusted network

thanx for answer

greetz
adme
 
Old 02-05-2003, 04:16 AM   #2
adme
Member
 
Registered: Jan 2003
Distribution: Redhat Psyche, Redhat Shrike, Solaris 9
Posts: 51

Original Poster
Rep: Reputation: 15
sorry for this stupid post

the answer is:

[root@dell02 pam.d]# cat /etc/securetty
# für Telnet
pts/0
pts/1
pts/2
pts/3
pts/4
pts/5
pts/6
pts/7
pts/8
pts/9
pts/10
vc/1
vc/2
vc/3
vc/4
vc/5
vc/6
vc/7
vc/8
vc/9
vc/10
vc/11
tty1
tty2
tty3
tty4
tty5
tty6
tty7
tty8
tty9
tty10
tty11
[root@dell02 pam.d]#
 
Old 02-05-2003, 02:04 PM   #3
SlickWilly
Member
 
Registered: Dec 2002
Posts: 327

Rep: Reputation: 30
Not sure how useful that was..

But, some time ago... RedHat 6 I think it was, they disabled the ability to login as root via telnet.

I'm not entirely sure how / if you can turn it back on, mind.. but this is expected behaviour. Ideally you should use ssh, or telnet as a user and su.

It prevents things like brute-forcing your root password, as you can lock out a user who's being hacked (via telnet), but can't ideally do that for root.

Slick.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How could normal user obtain root password or change root password ckamheng Debian 18 02-18-2009 10:28 PM
Password through telnet Ephracis Programming 9 12-16-2004 04:21 PM
RH7.1 - pop3 - xinetd - Can't telnet 110 from network elthespian Red Hat 1 01-27-2004 11:47 AM
Why cann't root modify the xinetd.d directory? gxie Linux - General 2 11-26-2003 03:33 PM
ftp/telnet & xinet.d/xinetd.conf adenardo Linux - General 3 12-20-2001 09:09 PM


All times are GMT -5. The time now is 03:20 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration