From owner-freebsd-current@FreeBSD.ORG Wed Mar 25 09:53:30 2009 Return-Path: Delivered-To: current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 872021065675 for ; Wed, 25 Mar 2009 09:53:30 +0000 (UTC) (envelope-from mail25@bzerk.org) Received: from ei.bzerk.org (tunnel490.ipv6.xs4all.nl [IPv6:2001:888:10:1ea::2]) by mx1.freebsd.org (Postfix) with ESMTP id 15D4B8FC1F for ; Wed, 25 Mar 2009 09:53:29 +0000 (UTC) (envelope-from mail25@bzerk.org) Received: from ei.bzerk.org (BOFH@localhost [127.0.0.1]) by ei.bzerk.org (8.14.2/8.14.2) with ESMTP id n2P9rPqt048595; Wed, 25 Mar 2009 10:53:26 +0100 (CET) (envelope-from mail25@bzerk.org) Received: (from bulk@localhost) by ei.bzerk.org (8.14.2/8.14.2/Submit) id n2P9rOgk048594; Wed, 25 Mar 2009 10:53:24 +0100 (CET) (envelope-from mail25@bzerk.org) Date: Wed, 25 Mar 2009 10:53:24 +0100 From: Ruben de Groot To: Chuck Robey Message-ID: <20090325095324.GB48145@ei.bzerk.org> References: <285790.99650.qm@web63903.mail.re1.yahoo.com> <49C9813C.3070404@telenix.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <49C9813C.3070404@telenix.org> User-Agent: Mutt/1.4.2.3i X-Spam-Status: No, score=-4.4 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00 autolearn=ham version=3.2.5 X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on ei.bzerk.org X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.0.1 (ei.bzerk.org [127.0.0.1]); Wed, 25 Mar 2009 10:53:28 +0100 (CET) Cc: barney_cordoba@yahoo.com, current@freebsd.org Subject: Re: Telnet root login X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 25 Mar 2009 09:53:31 -0000 On Tue, Mar 24, 2009 at 08:56:28PM -0400, Chuck Robey typed: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Barney Cordoba wrote: > > How do you enable root telnet access in current? I remember having some > > issue with specifying pty/0 in ttys years ago in linux but the right > > way to do it excapes me. > > I really wouldn't do that. If you have to get external root access, use ssh, > but if you haven't been broken into yourself, it's FAR more likely that you just > haven't seen it, than it hasn't happened. You don't want to allow folks into > your machine, there isn't any such thing as honor among those folks. Sound advice, but not an answer to his question. Barney, you have to make the network pseudo ttys secure, like: ttyp0 none network secure Ruben