Ryan Leathers wrote:
Okay, this is dangerous. The use of telnet is bad news to start with, but you're sending the root password over the wire in clear text, and anyone on that network segment can simply grab it right off, with the use of easily available tools in windows (see http://www.ethereal.com). So be sure you know what you're in for, and for god's sakes don't do it over the Internet. Telnetting to the machine next to you on the desk on a single switch is Okay, but only in some technical not-happy sense of "Okay".You don't hear this one every day. I need to allow root telnet access to a Linux host. I think I need to modify /etc/securetty to permit this but I'm not sure exactly how, and my experiments so far are fruitless. Anyone know?
To prevent a flood of replies encouraging the use of SSH let me just say: in this unique case telnet is the ONLY choice.
Ryan
Having said that... on with answering your question. You can login as root via telnet if you add the appropriate tty entries to your /etc/securetty file. What "the appropriate tty entries" are for your system depends on how new / old it is. On a modern system (read: most distributions with a 2.4 kernel and newer), it should be something along the lines of some entries like this:
pts/0
pts/1
pts/2
pts/3
Essentially what you're adding at the UNIX98 pseudo-terminals that you end up logging in on. To see what those are, login to the box via telnet as a regular user, and then run "who" or "w", which will print out something akin to this:
7:58am up 56 days, 22:11, 1 user, load average: 0.00, 0.00, 0.00
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
asjoyner pts/0 <obscured for posting> 7:58am 0.00s 0.12s 0.02s w
The TTY entry is an example of what you want to add to /etc/securetty. Remember to add as many of the ttys as you think it's like that people will be logged in at a time. I'd add at least 4. That ought to get you started down the path to destruction. Please tread lightly and remember not to pet the 3-headed dog on your way in.
Aaron S. Joyner
-- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
