telnet login using root password

prasunhowlader · 08-31-2008, 11:26 PM

I am using redhat linux 9. When i connect this using telnet i must using user password. How can i connect telnet using root password?

your_shadow03 · 09-01-2008, 12:06 AM

I assumes that you have the telnet-server package properly installed and listening on port 23.

By default, for security purposes, the root user can not telnet to a Red Hat system. One way to change this it to modify your /etc/pam.d/login and /etc/pam.d/remote files. A default file looks similar to this:

Code:

#%PAM-1.0
auth       required     pam_securetty.so
auth       required     pam_stack.so service=system-auth
auth       required     pam_nologin.so
account    required     pam_stack.so service=system-auth
password   required     pam_stack.so service=system-auth
session    required     pam_stack.so service=system-auth
session    optional     pam_console.so

In this file, the first line:

Code:

auth       required     pam_securetty.so

is what controls the root login for telnet, as well as other services. Understand what you are doing before making this change. If you do not understand what this will do to your system, then do not proceed.

In order to allow root login with telnet, comment out the first auth line so that your /etc/pam.d/login looks like this:

Code:

#%PAM-1.0
#Commented out below line in order to allow root access for telnet
#auth       required     pam_securetty.so
auth       required     pam_stack.so service=system-auth
auth       required     pam_nologin.so
account    required     pam_stack.so service=system-auth
password   required     pam_stack.so service=system-auth
session    required     pam_stack.so service=system-auth
session    optional     pam_console.so

Once you save these changes, you should be able to telnet to your system as the root user:

Code:

[root@jaws root]# telnet 10.0.0.15
Trying 10.0.0.15...
Connected to 10.0.0.15.
Escape character is '^]'.
Red Hat Enterprise Linux AS release 3 (Taroon Update 5)
Kernel 2.4.21-32.0.1.ELsmp on an i686
login: root
Password:
Last login: Sat Oct 22 11:58:56 from 10.0.0.25

Note: Make sure that the telnet service is enabled. To enable telnet:

Code:

chkconfig --level 345 telnet on

chrism01 · 09-01-2008, 03:32 AM

If that's the orig RH9, not RH Fedora 9, it was discontinued yrs ago, so don't use it as it's wide open to exploits. Speaking of which, don't use telnet, use ssh, and login via non-root user, then su or sudo up to root as reqd.

arizonagroovejet · 09-01-2008, 03:50 AM

Everything chrism01 one said because seriously, typing your root password over a telnet link, be it logging in as root or as another user and the using su is very unwise. In case you were not aware telnet is an insecure protocol that sends everything you do, including username and password, in clear text meaning if someone intercepts your traffic they know everything you typed. ssh encrypts everything including the username and password.
As for enabling remote login by root, well magine you want to try and brute force your way in to a system remotely. To do this you need to hit both a valid username and password. The usernames on the system could be anything, but there is guaranteed to be a user called root so that's what people attack. If you have a machine attached to the Internet with ssh enabled and look at the logs then chances are you'll see failed attempts to log in as root. If you must enable remote root login only do so for ssh key authenticated connections.