From owner-freebsd-questions@freebsd.org Tue Jan 17 08:52:52 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 94F97CB47E7 for ; Tue, 17 Jan 2017 08:52:52 +0000 (UTC) (envelope-from ohartmann@walstatt.org) Received: from mout.gmx.net (mout.gmx.net [212.227.15.18]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mout.gmx.net", Issuer "TeleSec ServerPass DE-2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id EEF0B1456 for ; Tue, 17 Jan 2017 08:52:51 +0000 (UTC) (envelope-from ohartmann@walstatt.org) Received: from thor.intern.walstatt.dynvpn.de ([78.52.71.31]) by mail.gmx.com (mrgmx003 [212.227.17.190]) with ESMTPSA (Nemesis) id 0Ljqgb-1czzEu0rFJ-00bpQ2 for ; Tue, 17 Jan 2017 09:52:49 +0100 Date: Tue, 17 Jan 2017 09:52:43 +0100 From: "O. Hartmann" To: FreeBSD Questions Subject: Auto-dropping serial console connection: foo takeover Message-ID: <20170117095243.02c0c03b@thor.intern.walstatt.dynvpn.de> Organization: WALSTATT User-Agent: OutScare 3.1415926 X-Operating-System: ImNotAnOperatingSystem 3.141592527 MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; boundary="Sig_/h=jlYgXMk/5TbSzjacfT9mv"; protocol="application/pgp-signature" X-Provags-ID: V03:K0:8ZV/OKvdTXiOu3IjtLwZfStw5ULSGrPrpujeSm61Tqdx9U+bKv0 hvk2M6GicvjGk/fvxgZpxZJNLgOGn1E5oX08FeFGjA0wieNROioFZgFDGuj35JvJ9/FoyNe uarXB4c+u0ZzzGf2RN3q86azGUZG7UFcQ7nVNTguyRve82tQzfQXoIL2qWXh0nRGbza7dEH O+/GNEZGjE2pOSA7L2d3A== X-UI-Out-Filterresults: notjunk:1;V01:K0:4W4H7CCz3CY=:NBgxZuEGtxHxMyyFVqbMm1 trZeYBVBMo4c26JcwmOAHxORqAHOJMvbWGyvWXMqqQCUaqA4ZYkN50BXcelof5+wwGzKwBxVN APs9tT6oyeBuKqS6Ey8z+18rgvkPmYZzVOvJW73NtKM/iZW7CbcZ5ctke0GPZh41jFE6dUFfW gaHaZgzMr7z7+VwocUrMzeevQ7Ez4dQrpq/+8R8t5kSZi80s/27GfAJvH2AzDTYtWaeMPG/5D jAMbKWHLOAgNqyYlI0fWRIogp/io3zmvb7dBakWKlVw6agCr97ovCE9jC4rFggSQhhr0XkP9G cK2cKQlDncAgQyELUHZRa/I/yMklkm0PU2OmKBaoOXeZRKPojQa9/WLqsW2c4439hW2NoCT63 9yIhab6Tr9bUU2k86c2rNKU/rqfhRsVumMbpVmHJRy4265Gchs3Mvduukj+zj/iVN3fvxmzkh qn2m1+g8X824SasU4Egif+LhDfaiZHJDYNxmAV+sIIWxmLFfIcZw8AXBAOQPiNwqCvs4zkI4X HoUG02h/4AJGsx/9+ORZPR8As/PhDh9vV964ACKBIORoGPRhc+gyE5DVME0y9Ims5hk6nTqc4 yeBXOBquTKYi8f2NiHUDwx2HtT3TmGL4fCJIFf+tsZiPcN/ZWlfKNujL3GcuNGnib/hVglMDl K1aKf0aLsFruo2SNgwfljoVuOdptUnpIM3l2+6HqLIVAhLqUzcqhmOwz6Wb7QWrMe89PgTTgQ eAyXMVDnxw8BPwJg1Sd37DAqEr9xZaMwrs6lf1X40A3VS4OGcg5GIlgN5f8= X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Jan 2017 08:52:52 -0000 --Sig_/h=jlYgXMk/5TbSzjacfT9mv Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Hello list. Havin a FreeBSD based router connected to a service PC via serial console/n= ull modem cabling, I realised that using "tip ucom1fast" gives me access to the conso= le even if I simply close the terminal window (X11/xterm) and reconnect again on the ver= y same box. I detail: loggin in into the router (FreeBSD 12-CURRENT) via "tip ucom1fast= " gives a console, on which I can log in as root. Doing so, working on the remote bo= x and then closing the X11 terminal, wait a few minutes, say, 15 minutes, opening anot= her X terminal and performing "tip ucom1fast" again, provides me with the same still logge= d in session as before! I waited for ~ 60 - 70 minutes and had success the very same way= - I gained root access to the console if root was logged in before the way described. = I consider this very dangerous. I tried to enbale auto logout on csh, which works, I also enabled auto logo= ut on ssh sessions, which works well, too. But the FreeBSD "sh" seems to be acient in= a way and doesn't provide any kind of auto logout or auto termination of the session = neither did I have success with /etc/login.conf and setting ":idletime=3D10m:". The big question is: how can I auto logout a user, even on the console? Please CC me, I'm not a subscriber of the list. Thanks in advance, Oliver --=20 O. Hartmann Ich widerspreche der Nutzung oder =C3=9Cbermittlung meiner Daten f=C3=BCr Werbezwecke oder f=C3=BCr die Markt- oder Meinungsforschung (=C2=A7 28 Abs.= 4 BDSG). --Sig_/h=jlYgXMk/5TbSzjacfT9mv Content-Type: application/pgp-signature Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- iLUEARMKAB0WIQQZVZMzAtwC2T/86TrS528fyFhYlAUCWH3bWwAKCRDS528fyFhY lC1nAf44/8PVImSwA21cheaRgTlVP0XHKQ4Huvmdw4e7IwWXpMltdQjG8uOdkyaE EfusZ8476UKWeWqmYie6zWsWsCtRAf9CEwkZKr8ShZanw1MW62vBVG6PIogGE8vV asDFSsBbL6AOuTlyZ/PyzkYTlte3ygLAGJakjg+MwDyMCxv+9VI8 =6eGX -----END PGP SIGNATURE----- --Sig_/h=jlYgXMk/5TbSzjacfT9mv--