RE: [SLUG] help : telnet RedHat7.1
OK if your telnet is in fact working and it's just root that's not allowed.. the only thing I could do to get working was to remove securetty from the PAM settings as this was the only way I could get it to work.. No one on slug was able to give me answers long long ago when I needed it but this was what i did... vi /etc/pam.d/login #%PAM-1.0auth optional /lib/security/pam_securetty.soauth required /lib/security/pam_pwdb.so shadow nullokauth required /lib/security/pam_nologin.soaccount required /lib/security/pam_pwdb.sopassword required /lib/security/pam_cracklib.sopassword required /lib/security/pam_pwdb.so nullok use_authtok md5 shadowsession required /lib/security/pam_pwdb.sosession optional /lib/security/pam_console.so Changed the line with securetty from required to optional this makes it available from anywhere so the only thing you can do is stop it when it gets to the shell.. it's very grude but works for me.. Didn't worry me anyway and I have software which monitors all logs and alerts on problems.. ie root logins from elsewhere.. -Original Message-From: henry [mailto:[EMAIL PROTECTED]]Sent: Tuesday, 29 January 2002 5:02 PMTo: [EMAIL PROTECTED]Subject: [SLUG] help : telnet RedHat7.1 Dears: I installed RedHat choosed No_Firewall,then modify /etc/securetty by adding 0 1 2 3 (0 1 2 3 means that 4 tty(s) can telnet this host as root) I just cant telnet from outside as root though I can ping from outside Could someone help me ? TIA Henry
Re: [SLUG] help : telnet RedHat7.1
This one time, at band camp, henry wrote: Dears: I installed RedHat choosed No_Firewall, then modify /etc/securetty by adding 0 1 2 3 (0 1 2 3 means that 4 tty(s) can telnet this host as root) No, it means that root can log in on /dev/0, /dev/1, /dev/2, and /dev/3 terminal devices. As these don't exist, I don't expect you'll be able to log in as root anywhere. What you should do is log in as a non-root user, then run 'su -' to switch to root. Fix /etc/securetty by changing it to read: console tty0 tty1 tty2 tty3 and then you will be able to log in on the virtual consoles. If you really want to be able to telnet to this machine as root (and I really suggest that you don't, always connect as a normal user when using a remote shell and then use su), then add ttyp0 and so on to /etc/securetty. Better yet, install ssh on that machine and don't use telnet at all. -- [EMAIL PROTECTED] http://spacepants.org/jaq.gpg Telepath needed. You know where to apply. -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] help : telnet RedHat7.1
On Tue, 2002-01-29 at 17:01, henry wrote: Dears: Ooh! I just cant telnet from outside as root though I can ping from outside Check in /etc/xinetd.d (I think, I don't use Red hat but helped someone with this recently) and look in the config file for telnet. There is an option line in there for enable which should be yes. HTH. By the way you should really be using SSH. And if you really do want to use telnet only enable it for the period required. TIA Henry -- ** * Simon Wong * ** -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
RE: [SLUG] help : telnet RedHat7.1
just as a test, try removing /etc/securetty by doing cp /etc/securetty /etc/securetty.orig now try to telnet in as root from the outside and see if that works. I had the same problem and found that removing the file fixed the problem ( i dont know if its the right way to fix it tho ) -Original Message-From: henry [mailto:[EMAIL PROTECTED]]Sent: Tuesday, 29 January 2002 5:02 PMTo: [EMAIL PROTECTED]Subject: [SLUG] help : telnet RedHat7.1 Dears: I installed RedHat choosed No_Firewall,then modify /etc/securetty by adding 0 1 2 3 (0 1 2 3 means that 4 tty(s) can telnet this host as root) I just cant telnet from outside as root though I can ping from outside Could someone help me ? TIA Henry Searching for "A Better Way" to a home loan ?. Call RAMS on 13 7267, or go to www.rams.com.au The e-mail and any attachments may contain confidential information. If you receive it in error you must not use or disclose the information. You must tell us and delete it. We do not waive any legal privilege by sending it. RAMS does not promise that the email is free from virus defect or error