topic securetty question in Operating System - Linux

securetty question

Jun Zhang_4 — Tue, 25 Nov 2003 16:17:47 GMT

I have a redhat box running 2.4.9-e25. I can telnet in as root, tty shows /dev/pts/2. There is no entry start like pts in the /etc/securetty file. How can it happen?

Jun

Re: securetty question

Kodjo Agbenu — Tue, 25 Nov 2003 16:36:43 GMT

Hi Jun,

If you are sure that your /etc/securetty is in place (no mistake in the file name ;-), you may check the PAM configuration.

PAM is a set of security modules that are configured to make some system authentication steps modular (login, telnet, ssh...).

In /etc/pam.d/login, check the configuration for "login" related security. Mine (redhat 9) looks like this :

auth required pam_securetty.so
auth required pam_stack.so service=system-auth
auth required pam_nologin.so
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
session optional pam_console.so

Good luck.

Kodjo

Re: securetty question

Jun Zhang_4 — Tue, 25 Nov 2003 16:59:55 GMT

Thanks for the reply. Your pam.d/login file is the same like mine.
I have another 2.4.18-24.8.0 RH, it has the same pam.d/rsh and pam.d/login files like the 2.4.9-e25 RH, but I've got to remove the /etc/securetty file before root can telnet in. I'm very much confused.

Jun

Re: securetty question

Stuart Browne — Wed, 26 Nov 2003 01:40:21 GMT

Normally it would be the pam.d configuration.

If it isn't, check for the bare-word 'telnet' in the securetty file, and make sure that it doesn't have world-wirteable permissions (i.e. only 644 (-rw-r--r--)).