telnet problem.
mandrake 10.0
i have problem on connecting by telnet. [root@Simlab-node4 root]# telnet 10.255.240.229 Trying 10.255.240.229... Connected to ws229.ltsp (10.255.240.229). Escape character is '^]'. Fedora Core release 3 (Heidelberg) Kernel 2.6.9-1.667 on an i686 login: root Password: Login incorrect login: root Password: Login incorrect login: [root@Simlab-node4 root]# ssh 10.255.240.229 root@10.255.240.229's password: Last login: Wed Sep 14 18:20:01 2005 from 10.255.240.208 [root@g04 ~]# i know password is correct is correct not that is not allowing to login. now where is the problem. |
Hi,
Root access to ssh is permitted/denied by a setting in sshd_config. This PermitRootLogin yes/no is what takes care of root access. Telnet does not have such a file. This is done, to my knowledge, by /etc/securetty (man securetty for details). You probably know this already, but: Do not use telnet, it's unsafe. Especially if you login as root (user/password is send over the line without encryption!!). Hope this helps. |
i have this file but i do not know how to change/
[root@g04 ~]# ls /etc/security/ access.conf console.apps group.conf opasswd time.conf chroot.conf console.perms limits.conf pam_env.conf [root@g04 ~]# cat /etc/security/access.conf # Login access control table. # # When someone logs in, the table is scanned for the first entry that # matches the (user, host) combination, or, in case of non-networked # logins, the first entry that matches the (user, tty) combination. The # permissions field of that table entry determines whether the login will # be accepted or refused. # # Format of the login access control table is three fields separated by a # ":" character: # # [Note, if you supply a 'fieldsep=|' argument to the pam_access.so # module, you can change the field separation character to be # '|'. This is useful for configurations where you are trying to use # pam_access with X applications that provide PAM_TTY values that are # the display variable like "host:0".] # # permission : users : origins # # The first field should be a "+" (access granted) or "-" (access denied) # character. # # The second field should be a list of one or more login names, group # names, or ALL (always matches). A pattern of the form user@host is # matched when the login name matches the "user" part, and when the # "host" part matches the local machine name. # # The third field should be a list of one or more tty names (for # non-networked logins), host names, domain names (begin with "."), host # addresses, internet network numbers (end with "."), ALL (always # matches) or LOCAL (matches any string that does not contain a "." # character). # # If you run NIS you can use @netgroupname in host or user patterns; this # even works for @usergroup@@hostgroup patterns. Weird. # # The EXCEPT operator makes it possible to write very compact rules. # # The group file is searched only when a name does not match that of the # logged-in user. Both the user's primary group is matched, as well as # groups in which users are explicitly listed. # ############################################################################## # # Disallow console logins to all but a few accounts. # +:ALL EXCEPT wheel shutdown sync:LOCAL # # Disallow non-local logins to privileged accounts (group wheel). # #-:wheel:ALL EXCEPT LOCAL .win.tue.nl # # Some accounts are not allowed to login from anywhere: # #-:wsbscaro wsbsecr wsbspac wsbsym wscosor wstaiwde:ALL # # All other accounts are allowed to login from anywhere. # [root@g04 ~]# |
can any one guess the error?
|
Why not just login as a normal user and su to root?
|
i am root. i want to use my root user.so pls tell me the way to do.
|
At the login prompt, give the name of a non-root user. Enter that user's password. When you are connected, type
Code:
su - |
Hi,
Quote:
It could be that the /etc/securetty is not present, which could be the problem. Like I stated before, take a look at the manpage for securetty. Hope this clears things up a bit. |
All times are GMT -5. The time now is 08:31 AM. |