topic Re: telnet to linux box from remote in Operating System - Linux

telnet to linux box from remote

Mangesh Khatav_1 — Sat, 28 May 2005 06:05:48 GMT

Hi all,

what should be the entry in /etc/securetty and /etc/pam.d/telnet file to give telnet access to root from remote m/c.

Regards
Mangesh Khatav

Re: telnet to linux box from remote

Stuart Browne — Sat, 28 May 2005 06:14:07 GMT

Remote, are we talking over public networks here?

If so, scrap the idea immediately, and look at using SSH instead, much more secure (and strangely considerably easier).

If you're only talking about trusted local networks, then the only reliable way to do it is to modify '/etc/pam.d/login' and comment out the 'auth required pam_securetty.so' line.

Please not that this method is highly ill-advised! You should be logging in as a non-admin user, and 'su -' to get root access.

Re: telnet to linux box from remote

Mangesh Khatav_1 — Sat, 28 May 2005 06:36:18 GMT

I tried it but still i couldnt telnet from other m/c as a root.I can telnet by other user
what will be the problem.

pls help

Mangesh

Re: telnet to linux box from remote

Stuart Browne — Sat, 28 May 2005 06:39:31 GMT

make sure that securetty line in '/etc/pam.d/login' is either fully removed, or fully commented out. That is the only thing that will be restricting it.

Re: telnet to linux box from remote

Mangesh Khatav_1 — Sat, 28 May 2005 06:52:17 GMT

no result.same problem.I renamed the (/etc/pam.d/login)file too. do i have to restart any daemon or service for the same. do i have to give any entry in /etc/securetty file

Re: telnet to linux box from remote

Mangesh Khatav_1 — Sat, 28 May 2005 06:54:01 GMT

no result.same problem.I renamed the (/etc/pam.d/login)file too. do i have to restart any daemon or service for the same.

Re: telnet to linux box from remote

Stuart Browne — Sat, 28 May 2005 06:54:10 GMT

'/etc/pam.d/login' MUST EXIST. Only the 'securetty' line should be removed.

There is nothing you can add to '/etc/securetty' in order to allow a 'telnet' user to log in as 'root'.

Re: telnet to linux box from remote

C. Beerse_1 — Mon, 30 May 2005 04:58:48 GMT

If it is for a one-time telnet login (to install some stuff over the network for example) I find myself renaming /etc/securetty (to /etc/securetty.off) and back once finished.

My idea: if security is an issue, don't use telnet (and rsh/remsh, rlogin, rexec). If security is not an issue, securetty can be off (`mv /etc/securetty /etc/securetty.off`).

If you are somewhere in the middle, keep securetty and telnet. Login with your own account and change to root with `su`, `super` or `sudo` (or s-bits on executables)

Re: telnet to linux box from remote

Alexander Chuzhoy — Mon, 30 May 2005 05:12:15 GMT

in order to be able to login as root via telnet simply add to /etc/securetty
pts/0
pts/1
pts/2
pts/3
and so on until let's say
pts/10
Unless you want this system to be honey pot for hackers -do not connect it to the public network

Re: telnet to linux box from remote

Huc_1 — Mon, 30 May 2005 09:12:25 GMT

if setup as above reply's this should should work !
if not then have a check on log files in /var/login this will maybe reveal more info/pointer to problem.

like ex:
tail -20 /var/log/messages
tail -20 /var/log/security

or even better (at the same time that you try to log in as root)

tail -f /var/log/messages

Having said all this unless you have an absolute reason to use to use telnet, do not do this use ssh instead

by using telnet or ftp the user password is transmited in clear on the network (Lan and/or Wan)

Jean-Pierre Huc

Re: telnet to linux box from remote

Ross Minkov — Tue, 31 May 2005 09:11:46 GMT

Mangesh,

First let me repeat the same as the others -- do not use telnet, use ssh instead. Telnet is not secure. If you are in a very trusted network and need to use telnet for some reason, then do not telnet to the root account, telnet to some mortal account and then use sudo or something like it to become surepuser.

Things to check:

Is telnet server installed? Try this:
rpm -qa | grep telnet
if not install it.

Is telnet service enabled?
chkconfig --list | grep telnet
if not enable it:
chkconfig telnet on

Regards,
Ross

Re: telnet to linux box from remote

Bejoy C Alias — Thu, 02 Jun 2005 08:21:59 GMT

The only thing U have to do is to rename or delete the file /etc/securetty and telnet from other clients ( u r telling that u can able to login as other users , means telnet server is working fine , so this should solve the pblm )

Re: telnet to linux box from remote

Gabriel Jiménez Salazar — Fri, 03 Jun 2005 18:11:49 GMT

the only only thing you have to do is comment the first line in /etc/pam.d/login and for the telnet server is up remember the telnet service is part of xinetd and that service must be up

Re: telnet to linux box from remote

Suraj Singh_1 — Tue, 07 Jun 2005 05:10:55 GMT

There are 2 ways of doing it:

1. Edit /etc/pam.d/login file, and put a comment (#) in front of the line containing securetty.so, and

2. Edit /etc/securetty, and add all the pseudo ttys in this file, one in each line, like:
pts/0
pts/1
...
...

Regards,
Suraj