HPE Community read-only access December 15, 2018
This is a maintenance upgrade. You will be able to read articles and posts, but not post or reply.
Hours:
Dec 15, 4:00 am to 10:00 am UTC
Dec 14, 10:00 pm CST to Dec 15, 4:00 am CST
Dec 14, 8:00 pm PST to Dec 15, 2:00 am PST
cancel
Showing results for 
Search instead for 
Did you mean: 

who can telnet

 
khilari
Regular Advisor

who can telnet

Hi guys, just wondering isnt it so that whoever is in /etc/passwd file can telnet into that box....
I have /etc/securetty file and only console in it that means root canot login... But if somebody asks me who can log into this box, does that mean who has account in that box or not....
let me know what you think
Thanks
4 REPLIES
Raj D.
Honored Contributor

Re: who can telnet

Khilai,
Remeber ftp only accounts also exists in /etc/passwd , however their shell configured as ftponly (restricted shell ), they can't telnet or ssh.


Cheers.
Raj.
" If u think u can , If u think u cannot , - You are always Right . "
Roopesh Francis_1
Trusted Contributor

Re: who can telnet

its hard to understand your question.however
Normally anybody in the /etc/passwd can telnet the system until unless you enabled any security.
from the man pages
Root access can be denied to any port on the system by the use of the
/etc/securetty file. If not present (the default), anyone who knows the
root password can login as root regardless of their location (modem,
DTC port, tty port, network login).

However, if the /etc/securetty file contains:

console
tty0p4
tty1p2

then root logins will fail "Login incorrect" if the user is not on the
3 ports listed in the above example. If the word console is not in the
/etc/securetty file then root login at the console is disabled! Any
attempt by someone on port tty0p1, etc will also fail, even though the
correct password has been supplied.
Tingli
Esteemed Contributor

Re: who can telnet

There are many accounts for system usage only, such as daemon, bin. They can not login to the system. You can check /etc/shadow file to figure it out. (if there is a /etc/shadow file)
OldSchool
Honored Contributor

Re: who can telnet

well...kind of, but:


1) the account has to have a valid shell
2) telnet has to be enabled, as opposed to something like using ssh
3) account can't be locked.