From owner-freebsd-questions Thu Jul 23 18:19:29 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id SAA09610 for freebsd-questions-outgoing; Thu, 23 Jul 1998 18:19:29 -0700 (PDT) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from allegro.lemis.com (allegro.lemis.com [192.109.197.134]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id SAA09600 for ; Thu, 23 Jul 1998 18:19:24 -0700 (PDT) (envelope-from grog@freebie.lemis.com) Received: from freebie.lemis.com (freebie.lemis.com [192.109.197.137]) by allegro.lemis.com (8.9.1/8.9.0) with ESMTP id KAA01114; Fri, 24 Jul 1998 10:48:18 +0930 (CST) Received: (from grog@localhost) by freebie.lemis.com (8.9.1/8.9.0) id KAA06433; Fri, 24 Jul 1998 10:48:17 +0930 (CST) Message-ID: <19980724104816.P716@freebie.lemis.com> Date: Fri, 24 Jul 1998 10:48:16 +0930 From: Greg Lehey To: Andrew_Werner/SSW/Lotus@lotus.com, freebsd-questions@FreeBSD.ORG Subject: Re: Question about remote root console References: <8525664A.004EA91F.00@mta2.lotus.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.91.1i In-Reply-To: <8525664A.004EA91F.00@mta2.lotus.com>; from Andrew_Werner/SSW/Lotus@lotus.com on Thu, Jul 23, 1998 at 10:09:17AM -0400 WWW-Home-Page: http://www.lemis.com/~grog Organization: LEMIS, PO Box 460, Echunga SA 5153, Australia Phone: +61-8-8388-8286 Fax: +61-8-8388-8725 Mobile: +61-41-739-7062 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Thursday, 23 July 1998 at 10:09:17 -0400, Andrew_Werner/SSW/Lotus@lotus.com wrote: > I used to be on this list and back in March and April I saw a post about > how it is possible to gain root from a login elsewhere than the console > itself. How is this done? I can't remember how to do this. Any help you > have would be appreciated. If you're thinking of logging in as root directly via a modem to a serial port, by default this works! I consider this a bug (I've only just discovered this). Specifically, the serial ports are /dev/ttyd0 to /dev/ttyd3, and this is what's in the default /etc/ttys: console none unknown off secure # ttyv0 "/usr/libexec/getty Pc" cons25 on secure # Virtual terminals ttyv1 "/usr/libexec/getty Pc" cons25 on secure ttyv2 "/usr/libexec/getty Pc" cons25 on secure ttyv3 "/usr/X11R6/bin/xdm -nodaemon" xterm off secure # Serial terminals # The 'dialup' keyword identifies dialin lines to login, fingerd etc. ttyd0 "/usr/libexec/getty std.9600" dialup off secure ttyd1 "/usr/libexec/getty std.9600" dialup off secure ttyd2 "/usr/libexec/getty std.9600" dialup off secure ttyd3 "/usr/libexec/getty std.9600" dialup off secure The word 'secure' at the end of the line means that you can log in as root. To disable root login, just remove the 'secure'. Greg -- See complete headers for address and phone numbers finger grog@lemis.com for PGP public key To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message