From owner-freebsd-questions@FreeBSD.ORG Sun Apr 24 11:38:33 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 719D916A4CE for ; Sun, 24 Apr 2005 11:38:33 +0000 (GMT) Received: from mail.nativenerds.com (host-70-0-111-24.midco.net [24.111.0.70]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8B90843D2D for ; Sun, 24 Apr 2005 11:38:32 +0000 (GMT) (envelope-from estover@nativenerds.com) Received: from red (host-133-35-230-24.midco.net [24.230.35.133]) j3OBpPKs002917; Sun, 24 Apr 2005 05:51:25 -0600 (MDT) (envelope-from estover@nativenerds.com) From: Ed Stover To: kylin In-Reply-To: <87ab37ab050424035320a2266@mail.gmail.com> References: <87ab37ab05042403091245f21b@mail.gmail.com> <20050424102927.GA70619@slackbox.xs4all.nl> <87ab37ab050424035320a2266@mail.gmail.com> Content-Type: text/plain Organization: Native Nerds Date: Sun, 24 Apr 2005 05:39:16 -0600 Message-Id: <1114342756.32182.11.camel@red.nativenerds.com> Mime-Version: 1.0 X-Mailer: Evolution 2.0.3 FreeBSD GNOME Team Port Content-Transfer-Encoding: 7bit X-Spam-Status: No, hits=0.0 required=5.0 tests=none autolearn=no version=2.63 X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on mail.nativenerds.com cc: freebsd-questions@freebsd.org Subject: Re: how to enable the root in telnet X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: estover@nativenerds.com List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 24 Apr 2005 11:38:33 -0000 um hi On Sun, 2005-04-24 at 18:53 +0800, kylin wrote: > thank u for your advise! but now i am in a very save local network > ,and the su return sorry in my telnet, > so is that mean i have to go to ssh? or can i chage some file to enable it > thank u and best wishes > > On 4/24/05, Roland Smith wrote: > > On Sun, Apr 24, 2005 at 06:09:38PM +0800, kylin wrote: > > > i find it difficult to use root account when i telnet to freebsd 5.3 > > > release , anything need to change? > > > > You're not supposed to log in as root over telnet. It would expose the root > > password to anybody intercepting your IP traffic. > > > > It would be advisable to log in as a normal user via ssh (secure shell) > > and then su to root. Even if your ssh keys were compromised, an attacker > > would only gain access as a normal user. And since all communications > > are encrypted, it would be hard for an listener to get the root password. > > > > Roland > > -- > > R.F. Smith /"\ ASCII Ribbon Campaign > > r s m i t h @ x s 4 a l l . n l \ / No HTML/RTF in e-mail > > http://www.xs4all.nl/~rsmith/ X No Word docs in e-mail > > public key: http://www.keyserver.net / \ Respect for open standards > > > > > > > > Ok, I would advise you to not use telnet to login as root as others have said previously. If you absolutely have to log in has root use secure shell. If you have ssh running already then uncomment and change the "#PermitRootLogin no" line to "PermitRootLogin yes" in your /etc/ssh/sshd_config file and restart secure shell. I tend to change the port that secure shell runs on as well to provide an additional level of security.