https://community.hpe.com/t5/operating-system-linux/mandrake-root-account-network-login/m-p/2447735#M222 I strongly reccomend not doing this.<BR />There is a reason you su to root. I know it is an annoyance but get used to it. Wed, 25 Oct 2000 03:50:51 GMT Jason Wohlgemuth_1 2000-10-25T03:50:51Z https://community.hpe.com/t5/operating-system-linux/mandrake-root-account-network-login/m-p/2447733#M220 I need to be able to telent to my linux box and login as root (I do not want to su to root). Everytime I try its says invalid password. I know this has something to do with security. How do I change this so I can login to root on a standard telnet session to my redhat linux 6.1 box? Mon, 25 Sep 2000 18:09:11 GMT https://community.hpe.com/t5/operating-system-linux/mandrake-root-account-network-login/m-p/2447733#M220 Richard Horton 2000-09-25T18:09:11Z https://community.hpe.com/t5/operating-system-linux/mandrake-root-account-network-login/m-p/2447734#M221 Be sure you have a backup of it in case you want to undo the accion<BR />Hi, It is very simple, just delete this file:<BR /><BR />/etc/securetty<BR /><BR />and thats all, you will be able to do remote root logins. Mon, 25 Sep 2000 23:49:15 GMT https://community.hpe.com/t5/operating-system-linux/mandrake-root-account-network-login/m-p/2447734#M221 Marco Hernandez_1 2000-09-25T23:49:15Z https://community.hpe.com/t5/operating-system-linux/mandrake-root-account-network-login/m-p/2447735#M222 I strongly reccomend not doing this.<BR />There is a reason you su to root. I know it is an annoyance but get used to it. Wed, 25 Oct 2000 03:50:51 GMT https://community.hpe.com/t5/operating-system-linux/mandrake-root-account-network-login/m-p/2447735#M222 Jason Wohlgemuth_1 2000-10-25T03:50:51Z https://community.hpe.com/t5/operating-system-linux/mandrake-root-account-network-login/m-p/2447736#M223 Generally speaking, most distributions (if not all, by now) do NOT enable the "root" user logon via "telnet". The primary reason being is that the password is sent "in the clear", so if anyone has a means to put a sniffer on your network, they'll have your password the next time you log in.<BR /><BR />(it's quite easy with most sniffers nowadays to set a "trigger condition" of "user logged on with root", then watch the next few packets to determine the password -- once set, this little demon waits patiently for "root" to come strolling by...)<BR /><BR />That said, even using "su -" via telnet SUFFERS FROM THE SAME FLAW! "telnet" data is sent completely "in the clear", so now all the would-be interloper has to do is "sniff" for the case where "user typed 'su' at a command prompt" and capture the resulting password. Technically no more difficult than the above, but functionally just a little bit more difficult [recognizing that "su" was at a command prompt and not "part of" some other input]<BR /><BR />If you REALLY MUST log on as root from a remote location, head on over to openssh and/or ssh.org -- there are free and low-cost versions of the "secure shell" [ssh] that allow "root" logins from remote consoles. Essentially, the "secure" version uses SSL technology to encrypt the data stream, so even if a sniffer is employed, the data stream itself is garbage and (so far) exceptionally difficult to "crack".<BR /><BR />[sorry I don't have URLS handy -- but any decent search engine will give you more than you could possibly deal with...]<BR /> Wed, 25 Oct 2000 06:39:52 GMT https://community.hpe.com/t5/operating-system-linux/mandrake-root-account-network-login/m-p/2447736#M223 Tom Emerson 2000-10-25T06:39:52Z https://community.hpe.com/t5/operating-system-linux/mandrake-root-account-network-login/m-p/2447737#M224 Generally speaking, most distributions (if not all, by now) do NOT enable the "root" user logon via "telnet". The primary reason being is that the password is sent "in the clear", so if anyone has a means to put a sniffer on your network, they'll have your password the next time you log in.<BR /><BR />(it's quite easy with most sniffers nowadays to set a "trigger condition" of "user logged on with root", then watch the next few packets to determine the password -- once set, this little demon waits patiently for "root" to come strolling by...)<BR /><BR />That said, even using "su -" via telnet SUFFERS FROM THE SAME FLAW! "telnet" data is sent completely "in the clear", so now all the would-be interloper has to do is "sniff" for the case where "user typed 'su' at a command prompt" and capture the resulting password. Technically no more difficult than the above, but functionally just a little bit more difficult [recognizing that "su" was at a command prompt and not "part of" some other input]<BR /><BR />If you REALLY MUST log on as root from a remote location, head on over to openssh and/or ssh.org -- there are free and low-cost versions of the "secure shell" [ssh] that allow "root" logins from remote consoles. Essentially, the "secure" version uses SSL technology to encrypt the data stream, so even if a sniffer is employed, the data stream itself is garbage and (so far) exceptionally difficult to "crack".<BR /><BR />[sorry I don't have URLS handy -- but any decent search engine will give you more than you could possibly deal with...]<BR /> Wed, 25 Oct 2000 06:40:12 GMT https://community.hpe.com/t5/operating-system-linux/mandrake-root-account-network-login/m-p/2447737#M224 Tom Emerson 2000-10-25T06:40:12Z https://community.hpe.com/t5/operating-system-linux/mandrake-root-account-network-login/m-p/2447738#M225 Generally speaking, most distributions (if not all, by now) do NOT enable the "root" user logon via "telnet". The primary reason being is that the password is sent "in the clear", so if anyone has a means to put a sniffer on your network, they'll have your password the next time you log in.<BR /><BR />(it's quite easy with most sniffers nowadays to set a "trigger condition" of "user logged on with root", then watch the next few packets to determine the password -- once set, this little demon waits patiently for "root" to come strolling by...)<BR /><BR />That said, even using "su -" via telnet SUFFERS FROM THE SAME FLAW! "telnet" data is sent completely "in the clear", so now all the would-be interloper has to do is "sniff" for the case where "user typed 'su' at a command prompt" and capture the resulting password. Technically no more difficult than the above, but functionally just a little bit more difficult [recognizing that "su" was at a command prompt and not "part of" some other input]<BR /><BR />If you REALLY MUST log on as root from a remote location, head on over to openssh and/or ssh.org -- there are free and low-cost versions of the "secure shell" [ssh] that allow "root" logins from remote consoles. Essentially, the "secure" version uses SSL technology to encrypt the data stream, so even if a sniffer is employed, the data stream itself is garbage and (so far) exceptionally difficult to "crack".<BR /><BR />[sorry I don't have URLS handy -- but any decent search engine will give you more than you could possibly deal with...]<BR /> Wed, 25 Oct 2000 06:40:48 GMT https://community.hpe.com/t5/operating-system-linux/mandrake-root-account-network-login/m-p/2447738#M225 Tom Emerson 2000-10-25T06:40:48Z https://community.hpe.com/t5/operating-system-linux/mandrake-root-account-network-login/m-p/2447739#M226 Generally speaking, most distributions (if not all, by now) do NOT enable the "root" user logon via "telnet". The primary reason being is that the password is sent "in the clear", so if anyone has a means to put a sniffer on your network, they'll have your password the next time you log in.<BR /><BR />(it's quite easy with most sniffers nowadays to set a "trigger condition" of "user logged on with root", then watch the next few packets to determine the password -- once set, this little demon waits patiently for "root" to come strolling by...)<BR /><BR />That said, even using "su -" via telnet SUFFERS FROM THE SAME FLAW! "telnet" data is sent completely "in the clear", so now all the would-be interloper has to do is "sniff" for the case where "user typed 'su' at a command prompt" and capture the resulting password. Technically no more difficult than the above, but functionally just a little bit more difficult [recognizing that "su" was at a command prompt and not "part of" some other input]<BR /><BR />If you REALLY MUST log on as root from a remote location, head on over to openssh and/or ssh.org -- there are free and low-cost versions of the "secure shell" [ssh] that allow "root" logins from remote consoles. Essentially, the "secure" version uses SSL technology to encrypt the data stream, so even if a sniffer is employed, the data stream itself is garbage and (so far) exceptionally difficult to "crack".<BR /><BR />[sorry I don't have URLS handy -- but any decent search engine will give you more than you could possibly deal with...]<BR /> Wed, 25 Oct 2000 06:40:59 GMT https://community.hpe.com/t5/operating-system-linux/mandrake-root-account-network-login/m-p/2447739#M226 Tom Emerson 2000-10-25T06:40:59Z https://community.hpe.com/t5/operating-system-linux/mandrake-root-account-network-login/m-p/2447740#M227 AAACCCKKK!!! HP's web page is hosed!<BR /><BR />(I kept getting some sort of wierd "sendmail failed -- got response of 'we don't relay'" error message) Sorry for the dupes -- I really thought they didn't actually "send"...<BR /> Wed, 25 Oct 2000 06:42:46 GMT https://community.hpe.com/t5/operating-system-linux/mandrake-root-account-network-login/m-p/2447740#M227 Tom Emerson 2000-10-25T06:42:46Z