If you were to read his original email you would notice this is on a private
network. I totally understand the "BADNESS" of root over telnet so thanks
for wasting your time pointing this out to me. I'm simply trying to help the
guy from going to the trouble of messing with a bunch of files in his /etc
directory and giving him the "simple" solution. I agree that ssh is the way
to go and that is what I use... The RPM is actually *REALLY* easy so I
totally recommend it.
This is open for discussion.. :)
Steve Curry
NonStopNet.Net, Inc.
http://www.nonstopnet.net
email: [EMAIL PROTECTED]
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Gordon Messmer
Sent: Wednesday, September 06, 2000 11:14 PM
To: [EMAIL PROTECTED]
Subject: RE: allowing root telnet access
On Wed, 6 Sep 2000, Steve Curry wrote:
> Why don't you just login under a normal user account and then "su" to
root?
> This is the easiest way, and the way most of us do it.
If that's "the way most of us do it", then it's probably worth pointing
out that getting root over telnet, including using su is *BAD* *BAD*
*BAD*. You're still sending the password in plain text over a TCP
connection. The same thing holds true for the telnet authentication
(/bin/login), su, sudo, POP, IMAP, FTP, etc.
To protect your systems, you really should use encrypted connections for
everything. Use ssh instead of telnet; set up stunnel, jonama, or other
SSL proxy for other services.
ssh really isn't more difficult to use than telnet. Even the command line
is shorter :) (Set up RSA authentication, and ssh becomes even easier
AND more secure)
MSG
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
