37 messages in org.freebsd.freebsd-questionsroot login with telnetd| From | Sent On | Attachments |
|---|---|---|
| Wojciech Puchar | Mar 10, 2007 9:51 pm | |
| Kevin Kinsey | Mar 10, 2007 10:05 pm | |
| Beech Rintoul | Mar 10, 2007 10:38 pm | |
| al...@schnarff.com | Mar 11, 2007 12:17 am | |
| Wojciech Puchar | Mar 11, 2007 7:13 am | |
| Wojciech Puchar | Mar 11, 2007 7:16 am | |
| Garrett Cooper | Mar 11, 2007 7:31 am | |
| Wojciech Puchar | Mar 11, 2007 7:41 am | |
| Wojciech Puchar | Mar 11, 2007 7:41 am | |
| Beech Rintoul | Mar 11, 2007 9:03 am | |
| Christian Walther | Mar 11, 2007 9:43 am | |
| Wojciech Puchar | Mar 11, 2007 10:07 am | |
| Wojciech Puchar | Mar 11, 2007 10:08 am | |
| Howard Jones | Mar 11, 2007 10:52 am | |
| Wojciech Puchar | Mar 11, 2007 11:12 am | |
| Howard Jones | Mar 11, 2007 11:28 am | |
| Wojciech Puchar | Mar 11, 2007 12:41 pm | |
| Sergio Lenzi | Mar 11, 2007 2:09 pm | |
| Sergio Lenzi | Mar 11, 2007 2:22 pm | |
| Wojciech Puchar | Mar 11, 2007 3:55 pm | |
| Hugo Silva | Mar 11, 2007 4:19 pm | |
| Hugo Silva | Mar 11, 2007 4:31 pm | |
| Paul Schmehl | Mar 11, 2007 5:11 pm | |
| Christian Walther | Mar 11, 2007 7:52 pm | |
| Gerard Seibert | Mar 11, 2007 8:10 pm | |
| Wojciech Puchar | Mar 11, 2007 8:46 pm | |
| Sergio Lenzi | Mar 11, 2007 8:59 pm | |
| Gerard Seibert | Mar 11, 2007 9:03 pm | |
| Jeff Rollin | Mar 11, 2007 9:58 pm | |
| Wojciech Puchar | Mar 11, 2007 10:31 pm | |
| Wojciech Puchar | Mar 11, 2007 10:32 pm | |
| Wojciech Puchar | Mar 11, 2007 10:39 pm | |
| Sergio Lenzi | Mar 12, 2007 2:00 am | |
| Wojciech Puchar | Mar 12, 2007 7:47 am | |
| Sergio Lenzi | Mar 12, 2007 1:37 pm | |
| Sergio Lenzi | Mar 12, 2007 1:39 pm | |
| Chris Kottaridis | Mar 12, 2007 5:13 pm |
| Subject: | root login with telnetd | |
|---|---|---|
| From: | Garrett Cooper (yous...@u.washington.edu) | |
| Date: | Mar 11, 2007 7:31:20 am | |
| List: | org.freebsd.freebsd-questions | |
On Mar 10, 2007, at 11:16 PM, Wojciech Puchar wrote:
can it be set to make possible to login root to machine through telnet and without telneting to some user and then su - ?
with sshd and rshd it can be set, with telnetd - no success.
once again - can someone answer my question instead of giving very "intelligent" comments?
Not sure. If I'm reading ttys(5) correctly though this is the section of interest:
``secure'' (if ``on'' is also specified) allows users with a uid of 0 to login on this line. The flag ``dialin'' indicates that a tty entry describes a dialin line, and ``network'' indicates that a tty entry pro- vides a network connection. Either of these strings may also be speci- fied in the terminal type field. The string ``window='' may be followed by a quoted command string which init(8) will execute before starting the command specified by the second field.
So I think that the following would be valid (but possibly dangerous if you use other login daemons like rshd, sshd for logging in remotely); that may be fixable with a firewall though and specific rules to each daemon though.
In ttys (near bottom), instead of:
ttyp0 none network
try:
ttyp0 none network on secure
and repeat for the rest of the ttys you wish to enable the option for.
Why not use root login with telnet or standard getty through serial though :\? -Garrett