LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 05-03-2002, 06:49 PM   #1
uprichard
LQ Newbie
 
Registered: May 2002
Posts: 3

Rep: Reputation: 0
Login thru telnet as root


Can someone tell me if it is possible (if so how) to change the security so that someone telneting to the machine can login as root.

Currently it says that the login is incorrect.
 
Old 05-03-2002, 08:04 PM   #2
zmedico
Member
 
Registered: Feb 2002
Location: Mission Viejo, California, USA
Distribution: Gentoo
Posts: 707

Rep: Reputation: 30
Just telnet as a normal user, then use "su" to become root. Careful though, this is insecure. ssh is more secure than telnet.

Last edited by zmedico; 05-03-2002 at 08:06 PM.
 
Old 05-03-2002, 08:13 PM   #3
uprichard
LQ Newbie
 
Registered: May 2002
Posts: 3

Original Poster
Rep: Reputation: 0
I could do that but I am trying to do some automation with Perl.

I only need to run one command so I would rather login as root and not have to change users.

Dont want to use SSH as at some point I will need to be able to access other systems that do not support SSH.
 
Old 05-03-2002, 10:52 PM   #4
trickykid
LQ Guru
 
Registered: Jan 2001
Posts: 24,149

Rep: Reputation: 270Reputation: 270Reputation: 270
i believe you can edit your /etc/securetty file accordingly...
 
Old 05-04-2002, 07:12 AM   #5
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3603Reputation: 3603Reputation: 3603Reputation: 3603Reputation: 3603Reputation: 3603Reputation: 3603Reputation: 3603Reputation: 3603Reputation: 3603Reputation: 3603
...is this what I read between the lines...

I could do that but I am trying to do some automation with Perl. I only need to run one command so I would rather login as root and not have to change users.
Aka "I don't care about compromising security as I'm lazy *and* single minded as well, and would only like to finish this task, so don't stop bothering me and answer my question."

Dont want to use SSH as at some point I will need to be able to access other systems that do not support SSH.
Aka "I think I have an excuse for *not* using SSH, and I don't care how feeble it is and I don't know how to operate SSH."

There is *no* excuse degrading your boxes security by allowing plaintext telnet traffic as user or root, if you are working on a LAN with access to the internet or a LAN that has untrusted users on it, so I urge you to trade telnet access in for SSH. Allowing telnet is a Bad Thing, and allowing root to telnet in opens your boxes up to password guessing for example by brute force attacking.
 
Old 05-04-2002, 11:11 AM   #6
Lazarus
Member
 
Registered: Dec 2001
Location: Kent in UK
Distribution: Fedora 2
Posts: 170

Rep: Reputation: 30
You can comment out the line in /etc/pam.d containing
pam.securitty.so. The 1st line in RH 7.2 i use.
The use of telnet is frowned on as insecure. If you are not
connecting the compuer to the wide world should be ok
otherwise risky especialy as root!!
 
Old 05-07-2002, 01:05 PM   #7
tyler_durden
Member
 
Registered: May 2001
Posts: 125

Rep: Reputation: 15
Quote:
I only need to run one command so I would rather login as root and not have to change users.
First, there are some ways around this. write a script that runs the command then suid it root. This is at least more secure than transmitting your password so the whole world can see it. This can be done in c with about 3 minutes worth of work
 
Old 05-07-2002, 07:34 PM   #8
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3603Reputation: 3603Reputation: 3603Reputation: 3603Reputation: 3603Reputation: 3603Reputation: 3603Reputation: 3603Reputation: 3603Reputation: 3603Reputation: 3603
write a script that runs the command then suid it root.
...ok, so for instance you don't check your input and someone attaches some extra arguments... Sure it won't allow users to fsck up major?
 
Old 05-07-2002, 07:38 PM   #9
frieza
Senior Member
 
Registered: Feb 2002
Location: harvard, il
Distribution: Ubuntu 11.4,DD-WRT micro plus ssh,lfs-6.6,Fedora 15,Fedora 16
Posts: 3,233

Rep: Reputation: 406Reputation: 406Reputation: 406Reputation: 406Reputation: 406
just rename the /etc/secruretty to something else like /etc/securetty.old if the /etc/securetty file can't be found, then by default root can log in from anywhere, but i wouldn't recommend doing this too often unless you don't care if your computer is hacked. after all it's your system, you can do with it whatever you want
 
Old 05-08-2002, 01:25 AM   #10
tyler_durden
Member
 
Registered: May 2001
Posts: 125

Rep: Reputation: 15
Quote:
...ok, so for instance you don't check your input and someone attaches some extra arguments... Sure it won't allow users to fsck up major?
well, first, its better then telnetting root.

second, you can control the permisions of the script so only a certian user can run it.

i agree its not the best option out there, but its better then the alternitives presented so far.
 
Old 05-08-2002, 11:42 AM   #11
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3603Reputation: 3603Reputation: 3603Reputation: 3603Reputation: 3603Reputation: 3603Reputation: 3603Reputation: 3603Reputation: 3603Reputation: 3603Reputation: 3603
()but its better then the alternitives presented so far.

I disagree. The best alternative, as presented in the 1st reply, is to use *ssh*.
 
Old 05-09-2002, 01:12 PM   #12
uprichard
LQ Newbie
 
Registered: May 2002
Posts: 3

Original Poster
Rep: Reputation: 0
Thanks for all the help.

As the machines are in our internal QA lab I have no issues about security. So I went with the option of changing /etc/securetty
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Unable to login as root via telnet stevel Linux - Security 8 11-19-2008 06:09 AM
How is it possible to login as root with Perl script and used telnet.pm manu0573 Linux - Software 1 07-27-2005 06:22 PM
Can't login with TELNET for ROOT sjcollier Linux - Newbie 5 08-17-2003 04:07 PM
Telnet login as root macone Linux - Security 7 11-13-2002 06:39 AM
Root login to telnet sarmadys Linux - Security 6 01-24-2002 02:09 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 05:56 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration