From owner-freebsd-stable Thu May 3 14:48:28 2001 Delivered-To: freebsd-stable@freebsd.org Received: from rif.kconline.com. (rif.kconline.com [216.241.132.15]) by hub.freebsd.org (Postfix) with ESMTP id 8E50137B422; Thu, 3 May 2001 14:48:25 -0700 (PDT) (envelope-from rif@kconline.com) Received: from dune (dune.desert.kconline.com [216.241.133.5]) by rif.kconline.com. (8.11.3/8.11.1) with SMTP id f43LmI026924; Thu, 3 May 2001 16:48:18 -0500 (EST) (envelope-from rif@kconline.com) Message-ID: <00b601c0d41a$8f06ce40$0585f1d8@desert.kconline.com> From: "Jim Riffle" To: , "Gavin Atkinson" Cc: , References: <3AF0534B.FBD68B81@talarian.com> Subject: Re: telnet sometimes gets "SRA secure login" prompt?? Date: Thu, 3 May 2001 16:46:47 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2462.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2462.0000 Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > > Ah - that explains it... Though to be honest, I was more worried as to why > > an out-of-the-box install of 4.3-RELEASE withg crypto installed would > > allow telnet in as root - and no, my ttys are not marked as secure. > > It's a bug. No one has reported it before. Now that I'm aware of it, I'll see what I can do. A quick way to disable root logins from remote is to edit the /etc/login.access file. SRA will still accept the user, but the login is denied. Unfortunately, with the acceptance, you know if you have the correct root password. -jim To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message