System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

HPUX 11iv2 hosts - telnet connection

Tom Haddad
Super Advisor

HPUX 11iv2 hosts - telnet connection

I have a basic question on the use of telnet and securing it.
To prohibit a user from using telnet to any of my HPUX hosts and using ROOT as the login account, how is this accomplished?
I was testing a telnet to an older HPUX workatation I have from my Windows XP machine.
I can telnet and login to the workstation with a basic user account I created on the workstation but attempt to login directly with Root fails. (well it fails at the password attempt).
I was looking at the /etc/services and inetd.sec file on the workstation.
5 REPLIES
Patrick Wallek
Honored Contributor

Re: HPUX 11iv2 hosts - telnet connection

/etc/securetty is file you are looking for in this case.

To prevent login as root from any place EXCEPT the system console (at least via telnet), you add the word 'console' to the /etc/securetty file.

# cat /etc/securetty
console

# man securetty

for more information.

Note that telnet in and of itself is inherently insecure. ALL telnet traffic is passed in plain-text over the wire.
Tom Haddad
Super Advisor

Re: HPUX 11iv2 hosts - telnet connection

That was the file I overlooked. Thanks.
My file has just CONSOLE ..as you stated so its secured only to the system console.
If the file does NOT exist, whats the setting/security?
Tim Nelson
Honored Contributor

Re: HPUX 11iv2 hosts - telnet connection

if /etc/securetty does not exits then the root user can log in directly from any remote telnet connection.
Tom Haddad
Super Advisor

Re: HPUX 11iv2 hosts - telnet connection

Thanks..That explains one machine vs another I was 'testing' on.
One has the file with console only ..other has no file.
Tom Haddad
Super Advisor

Re: HPUX 11iv2 hosts - telnet connection

Thanks gentlemen!