root login with telnetd
Garrett Cooper
youshi10 at u.washington.edu
Sun Mar 11 07:31:34 UTC 2007
On Mar 10, 2007, at 11:16 PM, Wojciech Puchar wrote:
>> can it be set to make possible to login root to machine through
>> telnet and without telneting to some user and then su -
>> ?
>>
>> with sshd and rshd it can be set, with telnetd - no success.
>>
> once again - can someone answer my question instead of giving very
> "intelligent" comments?
Not sure. If I'm reading ttys(5) correctly though this is the section
of interest:
``secure'' (if ``on'' is also specified) allows users with a uid of 0 to
login on this line. The flag ``dialin'' indicates that a tty
entry
describes a dialin line, and ``network'' indicates that a tty
entry pro-
vides a network connection. Either of these strings may also
be speci-
fied in the terminal type field. The string ``window='' may be
followed
by a quoted command string which init(8) will execute before
starting the
command specified by the second field.
So I think that the following would be valid (but possibly dangerous
if you use other login daemons like rshd, sshd for logging in
remotely); that may be fixable with a firewall though and specific
rules to each daemon though.
In ttys (near bottom), instead of:
ttyp0 none network
try:
ttyp0 none network on secure
and repeat for the rest of the ttys you wish to enable the option for.
Why not use root login with telnet or standard getty through serial
though :\?
-Garrett
More information about the freebsd-questions
mailing list