Date: Tue, 24 Oct 2000 00:17:10 -0700 From: Jamie Norwood <mistwolf@mushhaven.net> To: Keith Davey <kdavey@gus33.homeip.net> Cc: bk <koester@x-itec.de>, freebsd-questions@FreeBSD.ORG Subject: Re: Root-Like telnet account Message-ID: <20001024001710.A72677@mushhaven.net> In-Reply-To: <Pine.LNX.4.21.0010212334220.684-100000@gus33.homeip.net>; from kdavey@gus33.homeip.net on Sat, Oct 21, 2000 at 11:36:33PM -0700 References: <14122691348.20001020183900@x-itec.de> <Pine.LNX.4.21.0010212334220.684-100000@gus33.homeip.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Just wondering, why not just telnet/ssh in then SU? Jamie On Sat, Oct 21, 2000 at 11:36:33PM -0700, Keith Davey wrote: > > > On Fri, 20 Oct 2000, bk wrote: > > > Hello Travor, > > > > Monday, October 16, 2000, 12:34:20 AM, you wrote: > > > > >> Hi, > > >> > > >> I just installed FreeBSD on an older system I have, just to try it out, > > MG> and would like to be able to telnet into it, and configure things remotely. > > MG> Is is possible to make it so that I can login from root, or that another > > MG> account has many of the same pr > > >> velages as root, such as modifying configuration files? > > > > look at /etc/ttys and add "secure" on the terminal you want to connect > > to. if you do not know the right termial, login with a normal account > > remotely and use the command "w" to see who is online. > > > > Example: > > > > localhost# w > > 8:46PM up 1:11, 2 users, load averages: 0.01, 0.00, 0.00 > > USER TTY FROM LOGIN@ IDLE WHAT > > root v0 - 7:36PM 1:08 -csh (csh) > > blabla p0 master 8:39PM - w > > > > i am looging in as root remotely from v0 on the console and from p0 > > remotely. so i have to add secure to the ttyp0 pseudo terminal. > > > > If you want to keep your bsd system secure, i suggest you not to allow > > root to login remotely. > > Create a user with adduser command and put this user into the group > > "wheel". login with this user and enter "su" to switch to root > > account. This is more secure, because an external attacker do not know > > what account is required to logon or to be root. > > Another option is to use SSH with RSA key encription only set up. This is > a very conveniant and secure way to remotly administrate a box. > > Keith Davey > Tivoli Systems > > SNIP > > > -- > > Boris Köster > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-questions" in the body of the message > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001024001710.A72677>