Page 2 of 2 FirstFirst 12
Results 11 to 18 of 18

Thread: Question on Root

  1. #11
    Senior Member
    Join Date
    Jul 2001
    Posts
    138

    more su syntax...

    If you type:
    su

    it will prompt you for a password (root's password)

    su -

    will prompt you for root's password, and will drop you into root's home directory after giving the password

    As for telnet "not letting root log in." That's not entirely true. I can log into my linux box (when I have the service running) as root without any problems.

    Happy Hacking

  2. #12

    Re: Question on Root

    Ok, for the first question, if you want to login as root with telnet, have a look at /etc/securetty. It describes the tty which are considered as enough secure to accept direct root login.

    If I were you, even on your lan, I would have a closer look at ssh or using su.

    "Man" is your friend!

    Jean-Francois

  3. #13

    ill put it into newbie terms....

    Here... ill put it into newbie terms for you..

    by default.. linux (last version i was with was 5.1 before moving to BSD) and FreeBSD will not allow you to login via telnet

    this is for security reasons, ie. it makes it easier to spot intruders playing mr admin

    therefore you need to su (basically asume that login in newbie terms)

    this means that by having to su to root, it makes it harder for lamers to break into you machines.

    put it another way.. they need to find an account and breach that first. not always terribly hard however but depends on the lamer trying to breach your system...

    however you CAN change this so u can directly login as root, but its made a default for a reason.

    anyhow to sum up... why dont you try reading a tutorial, or even the manual ???


    btw, FreeBSD 0wnz j00
    Don\'t blame the hardware, dont blame the OS, chances are its your fault

  4. #14
    Member
    Join Date
    Oct 2001
    Posts
    88
    Terr wrote:
    But I believe SU stands for Substitute User (Not SuperUser), and you invoke it like such:
    That is 100% correct. It means `Substitute User' and not `Super User'. With su you can become any user in the /etc/passwd file, giving just su with no username defualts to a root level priviledge of su. I am no sure when people started calling su `Super User', it is appropriate for the access granted by the command in my opinion even though it is not exactly correct.

  5. #15
    Senior Member
    Join Date
    Nov 2001
    Posts
    1,255
    Half^A^Biscuit wrote:
    by default.. linux (last version i was with was 5.1 before moving to BSD) and FreeBSD will not allow you to login via telnet

    this is for security reasons, ie. it makes it easier to spot intruders playing mr admin

    therefore you need to su (basically asume that login in newbie terms)

    this means that by having to su to root, it makes it harder for lamers to break into you machines.
    There's actually an entry in most sshd_config files that reads:
    PermitRootLogin {yes|no}
    The default on RH7.1 was yes.

    I generally only keep /dev/tty1 in /etc/securtty, that way even if there's a misconfigured SSHD or something, you can only log in if you're sitting in front of my PC.

    psi0nic wrote:
    That is 100% correct. It means `Substitute User' and not `Super User'. With su you can become any user in the /etc/passwd file, giving just su with no username defualts to a root level priviledge of su. I am no sure when people started calling su `Super User', it is appropriate for the access granted by the command in my opinion even though it is not exactly correct.
    Also note that when you ARE root, and you use su to another username, you aren't prompted for a password.
    Chris Shepherd
    The Nelson-Shepherd cutoff: The point at which you realise someone is an idiot while trying to help them.
    \"Well as far as the spelling, I speak fluently both your native languages. Do you even can try spell mine ?\" -- Failed Insult
    Is your whole family retarded, or did they just catch it from you?

  6. #16
    Senior Member
    Join Date
    Sep 2001
    Posts
    800
    Thanks for everybodys help on this.
    [gloworange]\"A hacker is someone who has a passion for technology, someone who is possessed by a desire to figure out how things work.\" [/gloworange]

  7. #17
    A few comment : NEVER EVER NEVER EVER telnet to your box and then make a "su root". This is the worse think to do concerning security. You have the openssh (www.openssh.org) that for, i mean on the fly cryptography for your packet.

    Do you REALLY want you login/password be sent in clear text all around the world ? I'am sure you don't, so move to openSSH. They have both server and client softs, + howto faqs.

    Then you also telnetssh from a windows box with advanced telnet client like "putty".

    A+ hantiz.
    Linoux c\'est de la bombe bébé !

  8. #18
    PHP/PostgreSQL guy
    Join Date
    Dec 2001
    Posts
    1,164

    Post

    Root logins are restricted in 'generic' installs for RH (and other flavors) as a security measure. If you *really* want to use it remotely, do like these guys said and get ssh (www.openssh.org) or take a chance and hack /etc/securetty.
    For extra info, the reason your 'test root account' didn't work is probably because the UID was set for 0, which == root. All user accounts are assigned unique (99.9% of the time) UIDs and everything is based off that UID. In 'restricted remote root login denial' code, it simply checks to see if your UID is 0. If so, deny.
    However, with your tty/pty in /etc/securetty, if you're coming from a pty listed, you can log in as root.

    Security measures I suggest for telnet:

    1: comment out telnet in /etc/services and disable it in /etc/xinetd.d/telnet by doing 'disable = yes'. Restart xinetd (ps -ef | grep xinetd | awk '{ print $1 }' | xargs kill -HUP).
    2: download SSH and install it to use port 22 for secure encrypted communication. It's the de facto standard for a LOT of places now and it's free for private/educational use.

    Hope this helps!

    Security = 1 / convenience (as stated in the USAH by Evi Nemeth who I got to meet at the LISA '99! I'm not worthy!)
    We the willing, led by the unknowing, have been doing the impossible for the ungrateful. We have done so much with so little for so long that we are now qualified to do just about anything with almost nothing.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •