Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 24 Apr 2005 05:39:16 -0600
From:      Ed Stover <estover@nativenerds.com>
To:        kylin <fierykylin@gmail.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: how to enable the root in telnet
Message-ID:  <1114342756.32182.11.camel@red.nativenerds.com>
In-Reply-To: <87ab37ab050424035320a2266@mail.gmail.com>
References:  <87ab37ab05042403091245f21b@mail.gmail.com> <20050424102927.GA70619@slackbox.xs4all.nl> <87ab37ab050424035320a2266@mail.gmail.com>

next in thread | previous in thread | raw e-mail | index | archive | help
um hi
On Sun, 2005-04-24 at 18:53 +0800, kylin wrote:
> thank u for your advise! but now i am in a very save local network
> ,and the su return sorry  in my telnet,
> so is that mean i have to go to ssh? or can i chage some file to enable it 
> thank u and best wishes
> 
> On 4/24/05, Roland Smith <rsmith@xs4all.nl> wrote:
> > On Sun, Apr 24, 2005 at 06:09:38PM +0800, kylin wrote:
> > > i find it difficult to use root account when i telnet to freebsd 5.3
> > > release , anything need to change?
> > 
> > You're not supposed to log in as root over telnet. It would expose the root
> > password to anybody intercepting your IP traffic.
> > 
> > It would be advisable to log in as a normal user via ssh (secure shell)
> > and then su to root. Even if your ssh keys were compromised, an attacker
> > would only gain access as a normal user. And since all communications
> > are encrypted, it would be hard for an listener to get the root password.
> > 
> > Roland
> > --
> > R.F. Smith                           /"\    ASCII Ribbon Campaign
> > r s m i t h @ x s 4 a l l . n l      \ /    No HTML/RTF in e-mail
> > http://www.xs4all.nl/~rsmith/         X     No Word docs in e-mail
> > public key: http://www.keyserver.net / \    Respect for open standards
> > 
> > 
> > 
> 
> 
Ok, I would advise you to not use telnet to login as root as others have
said previously. If you absolutely have to log in has root use secure
shell. If you have ssh running already then uncomment and change the
"#PermitRootLogin no" line to "PermitRootLogin yes" in
your /etc/ssh/sshd_config file and restart secure shell. I tend to
change the port that secure shell runs on as well to provide an
additional level of security.



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1114342756.32182.11.camel>