Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I am unable to login via telnet to my Linux server (running YellowDogLinux) using the root account. But I am able to do so with an ordinary account. Why is that?
When I'm logged in as an ordinary user, I could change to SU with the same root password with no problem.
Another thing I noticed was I can't run certain commands after I logged in, not even after I switched to SU. For example when I run ifconfig, it tells me command not found. On the server itself i have no problem executing this command.
Originally posted by stevel
I am unable to login via telnet to my Linux server (running YellowDogLinux) using the root account. But I am able to do so with an ordinary account. Why is that?
possibly because telnet is insecure & the developers @ ydl have disabled root login so as to offer some protection for people who still need to use telnet.
Quote:
Originally posted by stevel
When I'm logged in as an ordinary user, I could change to SU with the same root password with no problem.
Another thing I noticed was I can't run certain commands after I logged in, not even after I switched to SU. For example when I run ifconfig, it tells me command not found. On the server itself i have no problem executing this command.
Originally posted by stevel
Also, out of curiosity, can anyone tell me where do we enable or disable root login for telnet?
as far as i know, you can't and you shouldn't anyways. it is setup that way for security purposes... if you want a secure login thru telnet though, i would recommend checking into ssh.
the reason you don't want to login directly as root is cause if anyone was to get your root password, then they have full control of your machine...
Originally posted by stevel Thanks. Trying su- works. Just out of curiousity, what does that little "-" do?
Also, out of curiosity, can anyone tell me where do we enable or disable root login for telnet?
The "-" logs you on as root rather then just makes you root, i.e. you get all the log on scripts running.
You still shouldn't send your root password over telnet though! Use ssh, its a lot more secure, has lots more features, and windows clients are available.
First I don't recommend you using an insecure protocol like DARPA "i.e telnet", use SSH2 instead for remote access.
And never allow root access as brute force on telnet is quite fast.
anyway answering your question, you need to allow access to the terminal that telnet uses for root, to do this you would add the lines.
ttyp0
ttyp1
ttyp2
ttyp3
to the file /etc/securetty
Type "man securetty" to find out more about it.
as Dorward already said the "-" option tells login to run the users environmental setting scripts from its home directory.
Can also use "-l"
eg. su -l root
Any how telnet root login possible in FC2/centos 5 i386
Any how telnet root login possible in FC2/centos 5 i386(not considering security issues).
For me it works in FC2/centos 5 i386 after executing this command:
mv /etc/securetty /etc/securetty.save(if other local user loggin is possible through telnet).
Try again root login through telnet after this with root password correctly
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.