Telnet root login
Julian Elischer
julian at elischer.org
Wed Mar 25 10:18:02 PDT 2009
Ian FREISLICH wrote:
> Barney Cordoba wrote:
>>> Barney, you have to make the network pseudo ttys secure,
>>> like:
>>>
>>> ttyp0 none network secure
>>>
>>> Ruben
>> Yes, the "its not a good idea" is dependent on whatever other
>> security you have in place. Having to log in twice to a test
>> machine on a secure internal network is an unnecessary annoyance.
>> The concept that every FreeBSD box in existence is publically accessible
>> is one of those ASSumptions that people should leave at the door.
>>
>> Ruben, the method you cite no longer works in -current as they've
>> changed things once again (which happens way too often when your CEOs
>> are a bunch of bearded academics :)
>>
>> I'm not sure if its the pty (the login terminal shows as pty/0 and
>> no longer ttyp0), or if its some PAM thing. Its rather annoying.
>> Such things as
>>
>> pty/0 none network secure
>> pty0 none network secure
>>
>> equally don't work. And I see no mention in any document as to how it
>> would be achieved with the current
>
> Then use ssh and set "PermitRootLogin yes" in /etc/ssh/sshd_config
this doesn't work if you are usinf a set of machines run from a
central machine using nc (netcat) to do scripted i/o through a telnet
session on the other machines (for example).
The advantage of telnet is you can pipe nc straight into it.
>
> Ian
>
> --
> Ian Freislich
> _______________________________________________
> freebsd-current at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-current
> To unsubscribe, send any mail to "freebsd-current-unsubscribe at freebsd.org"
More information about the freebsd-current
mailing list