https://community.hpe.com/t5/operating-system-hp-ux/telnet-logins/m-p/4895529#M745461 Can you POST the output of this command again?<BR /><BR />grep telnet /etc/services /etc/inetd.conf<BR /><BR />because this is VERY wrong:<BR />/etc/services:telnet stream tcp nowait root /usr/lbin/telnetd telnetd -b/etc/issue<BR /><BR />It should read:<BR /><BR />/etc/services:telnet 23/tcp # Virtual Terminal Protocol<BR />/etc/inetd.conf:telnet stream tcp nowait root /usr/lbin/telnetd telnetd -b /etc/issue<BR /><BR /><BR />from your output /etc/services has the contents of /etc/inetd.conf - Hopefully just a TYPO of cut &amp; paste<BR /><BR />live free or die<BR />harry d brown jr<BR /> Mon, 11 Apr 2005 10:36:13 GMT harry d brown jr 2005-04-11T10:36:13Z https://community.hpe.com/t5/operating-system-hp-ux/telnet-logins/m-p/4895523#M745455 I have a server running HPUX 11.0.<BR />Problem has arisen : any user attempting to log into server using a telnet session is granted access without requesting a password.<BR />I have shutdown inetd until I have this solved.<BR />I have remove an and all .rhosts files and /etc/hosts.equiv. The system has been rebooted.<BR /><BR />Any ideas???<BR /> Mon, 11 Apr 2005 09:11:05 GMT https://community.hpe.com/t5/operating-system-hp-ux/telnet-logins/m-p/4895523#M745455 Eugene Klaus 2005-04-11T09:11:05Z https://community.hpe.com/t5/operating-system-hp-ux/telnet-logins/m-p/4895524#M745456 First you can shutdown telnet in<BR />/var/adm/inetd.sec and put in this:<BR />telnet deny<BR /><BR />so you won't have to shutdown inetd.<BR /><BR />Futher is it a trusted system or is it a non trusted system. If it is a non trusted system did you disable the non-password in the security file? if don't fix it.<BR /> Mon, 11 Apr 2005 09:20:32 GMT https://community.hpe.com/t5/operating-system-hp-ux/telnet-logins/m-p/4895524#M745456 Mark Nieuwboer 2005-04-11T09:20:32Z https://community.hpe.com/t5/operating-system-hp-ux/telnet-logins/m-p/4895525#M745457 Eugene,<BR /><BR />There are 2 possibilities here that I can think of;<BR /><BR />1) Users have no passwords. If the password field of /etc/passwd is empty, users won't be asked to enter a password.<BR /><BR />2) TAC access control is enabled on the server. This works in a similar way to host equivalency for rlogin. Check the telnetd line in /etc/inetd.conf If this contains the parameter -t, TAC is enabled. This is a security problem, as it works based on the UID number of the account, rather than the user name, so equivalence between hosts is not necessarily to the same user ID. This equivalence is based on /etc/hosts.equiv and local .rhosts files, so if you've removed those, it's unlikely to be this that's the problem. Mon, 11 Apr 2005 09:23:17 GMT https://community.hpe.com/t5/operating-system-hp-ux/telnet-logins/m-p/4895525#M745457 Chris Wilshaw 2005-04-11T09:23:17Z https://community.hpe.com/t5/operating-system-hp-ux/telnet-logins/m-p/4895526#M745458 <BR />any user name?<BR /><BR />What do the following commands<BR /><BR /> grep telnet /etc/services /etc/inetd.conf<BR /><BR /> ps -ef | grep -e telnet -e ssh<BR /><BR /> ls -l /var/adm/inetd.sec<BR /><BR /> grep -v "^#" /var/adm/inetd.sec<BR /><BR /> what /usr/lbin/telnetd<BR /><BR />return?<BR /><BR />If you rebooted then most likely inetd restarted.<BR /><BR />live free or die<BR />harry d brown jr Mon, 11 Apr 2005 09:23:53 GMT https://community.hpe.com/t5/operating-system-hp-ux/telnet-logins/m-p/4895526#M745458 harry d brown jr 2005-04-11T09:23:53Z https://community.hpe.com/t5/operating-system-hp-ux/telnet-logins/m-p/4895527#M745459 When you shut down inetd users with existing connections will not be logged off.<BR /><BR />You can spot them with netstat -an<BR /><BR />You have to terminate those users manually until your security problem is solved.<BR /><BR />The inetd.sec file can be used to deny access by ip address if warranted. Once again the effect will not be immediate, just on new sessions.<BR /><BR />SEP Mon, 11 Apr 2005 09:30:14 GMT https://community.hpe.com/t5/operating-system-hp-ux/telnet-logins/m-p/4895527#M745459 Steven E. Protter 2005-04-11T09:30:14Z https://community.hpe.com/t5/operating-system-hp-ux/telnet-logins/m-p/4895528#M745460 grep telnet /etc/services /etc/inetd.conf<BR />/etc/services:telnet stream tcp nowait root /usr/lbin/telnetd telnetd -b/etc/issue<BR /><BR />ps -ef|grep -e telnet -e ssh<BR />eklaus1 3846 3844 8 08:27:22 ? 0:08 sshd: eklaus1@pts/0<BR /> root 2506 1 0 06:04:39 ? 0:00 /opt.ssh/sbin/sshd<BR /> root 4248 3882 6 10:43:59 pts/0 0:00 grep -e telnet -e ssh<BR /> r00t 3844 2506 0 08:27:12 ? 0:01 sshd: eklaus1 [priv]<BR /><BR />grep -v "^#" /var/adm/inetd.sec<BR />dtspc allow 127.0.0.1 loopback ese007<BR /><BR />I have already shut inetd down using inetd -k.<BR /><BR /><BR />inetd.conf has been copied from a working 11.0 server.<BR /> Mon, 11 Apr 2005 10:10:29 GMT https://community.hpe.com/t5/operating-system-hp-ux/telnet-logins/m-p/4895528#M745460 Eugene Klaus 2005-04-11T10:10:29Z https://community.hpe.com/t5/operating-system-hp-ux/telnet-logins/m-p/4895529#M745461 Can you POST the output of this command again?<BR /><BR />grep telnet /etc/services /etc/inetd.conf<BR /><BR />because this is VERY wrong:<BR />/etc/services:telnet stream tcp nowait root /usr/lbin/telnetd telnetd -b/etc/issue<BR /><BR />It should read:<BR /><BR />/etc/services:telnet 23/tcp # Virtual Terminal Protocol<BR />/etc/inetd.conf:telnet stream tcp nowait root /usr/lbin/telnetd telnetd -b /etc/issue<BR /><BR /><BR />from your output /etc/services has the contents of /etc/inetd.conf - Hopefully just a TYPO of cut &amp; paste<BR /><BR />live free or die<BR />harry d brown jr<BR /> Mon, 11 Apr 2005 10:36:13 GMT https://community.hpe.com/t5/operating-system-hp-ux/telnet-logins/m-p/4895529#M745461 harry d brown jr 2005-04-11T10:36:13Z https://community.hpe.com/t5/operating-system-hp-ux/telnet-logins/m-p/4895530#M745462 #grep telnet /etc/services /etc/inetd.conf<BR />/etc/services:telnet 23/tcp #Virtual Terminal protocol<BR />/etc/inetd.conf:telnet stream tcp nowait root /usr/lbin/telnetd telnetd -b/etc/issue<BR /> Mon, 11 Apr 2005 11:17:47 GMT https://community.hpe.com/t5/operating-system-hp-ux/telnet-logins/m-p/4895530#M745462 Eugene Klaus 2005-04-11T11:17:47Z https://community.hpe.com/t5/operating-system-hp-ux/telnet-logins/m-p/4895531#M745463 I thank you all for your attention to this matter. I have discovered the problem. <BR />We had an abortive effort to install netbackup last week. I never completed.<BR />During that attempt I believe that /etc/pam.conf was over written eliminating the passwd check. This was probably inteded to be temporary. <BR /><BR />Upon updating the /etc/pam.conf file with a file from a working system our problem was solved.<BR /><BR /> Mon, 11 Apr 2005 12:54:07 GMT https://community.hpe.com/t5/operating-system-hp-ux/telnet-logins/m-p/4895531#M745463 Eugene Klaus 2005-04-11T12:54:07Z https://community.hpe.com/t5/operating-system-hp-ux/telnet-logins/m-p/4895532#M745464 Thanks to everyone who responded.<BR /> Mon, 11 Apr 2005 12:55:49 GMT https://community.hpe.com/t5/operating-system-hp-ux/telnet-logins/m-p/4895532#M745464 Eugene Klaus 2005-04-11T12:55:49Z