Paul, Now you're asking the right questions. Yes, create an account that has only normal user privileges. Most distributions have either an "adduser" or "useradd" command to do this. You should read the man page for yours to see what additional command switches you need to specify so that the /home directory for the account gets created, etc.
Then, telnet in, and "su" to root, but only when you need to do something that requires root privileges. Keep in mind that anyone between you and the Linux/390 system could be running a sniffer program and capture your entire session, including any passwords. In your organization that might be grounds for termination, but someone might be tempted anyway. If you have something on your desktop that will act as an X Window manager, then get xdm/gdm/kdm running on your Linux/390 system, and sign in that way. Again, as the non-privileged user, and only su to root if needed. The "Distributions" Redbook has instructions on what you need to do to get xdm running. Sorry to hear you can't install useful non-standard-issue software on you desktop. That's a real pain, to say the least. I'll try to keep that in mind in the future when making recommendations to you. :( Mark Post -----Original Message----- From: paultz [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 23, 2002 7:03 PM To: [EMAIL PROTECTED] Subject: Re: RH72 telnet >Telnet login by root is probably not allowed. It's not good security >practice since telnet traffic passes in clear text. Something someone in >your job would know is not a good thing. :) Touche, Mark! But if you had seen me cursing the HMC console using 'echo' to change parm files, you'd surely understand why I'm looking for a 'temporay' way to enable an X screen to finish up everything else! >Use OpenSSH instead, and use either TeratermPro with the ttssh SSH add-on, >or PuTTY to access your system. Life should be so easy that I had these choices to chose from. I have Reflections, and none of the connection methods you listed are available (nor could I install add-ons if I could get them). >Others can tell you how to allow root to >telnet in, but I won't, cause I like you. :) I hold you in high esteem, also, but if I were to do something to cause you NOT to like me ... THEN would you tell me :) ? (Remember ... this is only a 'temporary' thing, right?). BTW, ARE you saying I could create user accounts that could telnet in? Best regards, Paul
