Telnet root login

Julian Elischer julian at
Wed Mar 25 10:18:02 PDT 2009

Ian FREISLICH wrote:
> Barney Cordoba wrote:
>>> Barney, you have to make the network pseudo ttys secure,
>>> like:
>>> ttyp0   none    network    secure
>>> Ruben
>> Yes, the "its not a good idea" is dependent on whatever other
>> security you have in place. Having to log in twice to a test
>> machine on a secure internal network is an unnecessary annoyance.
>> The concept that every FreeBSD box in existence is publically accessible
>> is one of those ASSumptions that people should leave at the door.
>> Ruben, the method you cite no longer works in -current as they've 
>> changed things once again (which happens way too often when your CEOs 
>> are a bunch of bearded academics :)
>> I'm not sure if its the pty (the login terminal shows as pty/0 and 
>> no longer ttyp0), or if its some PAM thing. Its rather annoying.
>> Such things as 
>> pty/0 none network secure
>> pty0 none network secure
>> equally don't work. And I see no mention in any document as to how it
>> would be achieved with the current
> Then use ssh and set "PermitRootLogin yes" in /etc/ssh/sshd_config

this doesn't work if you are usinf a set of machines run from a 
central machine using nc (netcat) to do scripted i/o through a telnet 
session on the other machines (for example).

The advantage of telnet is you can pipe nc straight into it.

> Ian
> --
> Ian Freislich
> _______________________________________________
> freebsd-current at mailing list
> To unsubscribe, send any mail to "freebsd-current-unsubscribe at"

More information about the freebsd-current mailing list