Can't log in a root from anywhere but the console screen.

A.G. Russell IV arussell at agrussell.com
Thu Sep 28 05:51:16 PDT 2006 

On Thu, Sep 28, 2006 at 07:22:23AM -0500, Dustin Coates wrote:
> -----Original Message-----
> 
> From: Erik Norgaard [mailto:norgaard at locolomo.org] 
> Sent: 28 September 2006 09:42
> To: Jim Borland
> Cc: freebsd-questions at FreeBSD.org
> Subject: Re: Can't log in a root from anywhere but the console screen.
> 
> Jim Borland wrote:
> > I want to use a PC to telnet to the freeBSD server and login as root 
> > but it won't let me! Can you help? I can login as a normal user just 
> > not as root, I can't key in su to get in as superuser either.
> 
> 1) Don't use telnet, use ssh, for security.
> 2) Are you in the wheel group?
> 
> Erik suggested I use ssh, I've never used ssh before and when I do it
> says "the connection has been refused". 
> The "root" user is in the wheel group, I have a user called "jim" which
> is in a group called "group" he is able to login using telnet.
> 
> 
> 
> The best thing to do is to add the user "jim" to the wheel group, then you
> should be able to login as him over ssh, then su to superuser, and do
> virtually everything root can do. It is considered a security risk to allow
> root access to ssh. But it's your server. So if you want root to be able to
> login despite my warning.  Edit "/etc/ssh/sshd_config" and find
> "#PermitRootLogin no", remove the hash, and change the "no" to "yes"

First, sshd is not running, that is why "the connection has been refused"
messages is being seen.  put "sshd_enable=yes in /etc/rc.conf.

Look at /etc/defaults/rc.conf, it is your friend, and any daemon that you 
want to run, must have xyz_enable=yes in the /etc/rc.conf, if it conforms
to the current FreeBSD mores.

Also, as suggested above, add jim to the wheel group, this will allow you
to su to root.

Take a look at the 
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/
google and the above document, will answer a lot of your questions.

I Can't say in strong enough terms, how "Bad" and idea it is to have root
allowed for ssh, or even worse, to use telnet, especially over the Internet.

Good luck, FreeBSD is how we've run our servers for years, and have been solid
work horses.

A.G.
-- 
_______________________________________________________________________________
A.G. Russell IV  KC5KFD    The Knife Company   e-mail:  ag4 at theknifecompany.com
Phone 479-631-0055                                             FAX 479-631-8734
Old Klingon Saying --  'oH  majQa' yIn je bang, Qo' bang
-------------------------------------------------------------------------------

More information about the freebsd-questions mailing list