> > It is for security reason, you can't connect directly by root, only
> > with su.
>
> > > I use win95's telnet connect to RedHat Linux (kernel 2.0.33).
> > >I can not login using the name 'root'(of course I give the right
> > >password), but I can login using another name(such as 'guest')
> > >and 'su' to root. Why? thanks!
the explanation given omits the important reason: telnet is INSECURE.
you MUST NEVER telnet (or ftp or rlogin) as root, unless you have some
reason to believe your net is really, really free of sniffers. the issue,
of course, is that the password is transmitted in the clear, and therefore
trivial to sniff. most competent admins use ssh these days. there are
a few other secure login systems, but most are more obscure or difficult
to admin (ie, kerberos).
> To expand slightly on the above answer: if you log in as root nobody
> else can know who logged in as root. It is true that if you can log
this may be an issue for you; it certainly isn't a general one.
> A secure system will have a 'wheel' group. su will have group
this is also not universally true. it's a nice trick, but not necessary.
> Therefore, even a person who has managed to snoop the root password
> will not be able to su or log in as root without obtaining direct
uh, a sniffer will work just as well when you when you telnet/rlogin
as wheel, then su to root.
regards, mark hahn.
--
operator may differ from spokesperson. [EMAIL PROTECTED]
http://java.mcmaster.ca/~hahn
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
