Fabio Coatti wrote:
>
> On Sun, Mar 14, 1999 at 12:44:03AM +0800, Kuraiken wrote:
>
> > Now...after this frightening escapade, I'm very carefull about doing
> > overly weird things even though this is just a knock-about 'server'. My
> > question is this: How come I cannot telnet in as root? (I know there are
> > security risks but it's an internal server run and admined by me *gasp*
> > ;-)) Is there some conf. file I can/need to change?
>
> sure. your /etc/securetty file is a list of "secure" ttys, the ones
> where root is allowed to log in. Just add "telnet" ttys to this file:
> ...
> ttyp0
> ttyp1
> ttyp2
> ...
I would STRONGLY encourage you NOT to do this. By doing this, you've
cut the work required of a Bad Guy Seeking To Get Root by half. At
least with the default configuration, the Bad Guy has to know two
passwords (normal user + root). By making this modification, you allow
him to only have to hack one password.
Truthfully, if you find that you're likely to do alot of system
administration work remotely, I'd encourage you to look into SSH. Think
of it like an encrypted telnet. As this is the only machine I ever
connect to, I've never used it. Sysadmins I've talked to swear by it if
the connection is going over the open Internet.
--
Steve Philp
[EMAIL PROTECTED]
