Operating System - Linux
1828577 Members
2492 Online
109982 Solutions
New Discussion

remote root login to Linux system.

 
SOLVED
Go to solution
jerry1
Super Advisor

remote root login to Linux system.

Why when loging into linux box root's passwd
not accepted.
I can log into linux box on console as root.
I can su - to root with same password.
I can login to linux system as any other user
but when loging in as root and entering password at prompt. I get Login incorrect.

Is there a security feature I am missing?

Already edited /etc/inetd.conf.
9 REPLIES 9
G. Vrijhoeven
Honored Contributor
Solution

Re: remote root login to Linux system.

Hi,

Do you have a file called /etc/securetty?

Gideon
Martin P.J. Zinser
Honored Contributor

Re: remote root login to Linux system.

Hello Jerry,

securettys is the way to go if you want to use telnet. Generally speaking this is not recommended nowadays anymore since the password is sent unencrypted over the network. Use ssh instead:

basic usage: ssh root@host

The first time you have to accept some keys.

Greetings, Martin
Paul Cross_1
Respected Contributor

Re: remote root login to Linux system.

It is generally considered good practice not to login directly as root (login as yourself and su - to root) but if you have a good reason for not using ssh (BTW: using ssh may require an edit of /etc/ssh/sshd_config to change PermitRootLogin no to yes), securetty is a flat file with a simple list of ttys that root is permitted to login on.

-p
jerry1
Super Advisor

Re: remote root login to Linux system.

I need to be able to use rdist to the linux
box and that requires ~/.rhosts.
So if /etc/securettys is turned off for root
by default then I will look at that and see
if it is causing my problem. Was like the old SunOS.

Don_89
Trusted Contributor

Re: remote root login to Linux system.

If you need to distribute multiple files to multiple hosts, there are a couple of alternatives to doing this ..

1) You can use SCP to copy the files in a cron job. Generate a RSA key on your main server and copy the /root/.ssh/id_rsa.pub file to each of the remote servers in the /root/.ssh directory and name the file "authorized_keys2". That way you wont be prompted for a password everytime.. Works great.

2) We also use rsync. It works great and pretty simple to setup..

hope this helps..
jerry1
Super Advisor

Re: remote root login to Linux system.

What I need to do is rdist files from client
boxes to the linux host. The client boxes
do not have ssh and it is not an option to
install ssh on all of them.

Since rdist is a quick and easy way to copy
files to a remote host and compare time stamps. It seems to be the way to go.
Security in this area is not an issue since
no one but 3 people have access and there
is no access from the internet.
root .rhosts is okay, they all 3 have root
access anyway. Installing ssh is more work than is required to accomplish this simple copy.
cp from nfs mount would not do the time stamp
checking and I don't have the time to write
test scripts to do so.
Interesting that HP-UX has in
/etc/securetty just the line "console" yet
root .rhosts works for rlogin, etc without
password. Does linux have to not have tty/pty
in them to work? I had to uncomment the tty pty statements so it would allow root to login
remotely in the first place.
I checked linuxquestions.org and saw same
problems posted and not one had a solution.
Only to use ssh.

Is this a security feature in linux that you
cannot use .rhosts for root at all?



jerry1
Super Advisor

Re: remote root login to Linux system.

As it turns out. I have scrapped using rdist.
One, its not compatible with Solaris rdist,
have not checked with HP yet. If using it on
the linux system locally to get files from
NFS then it does not like unknown files,
does not replicate soft and hard links.

The question about root login no passwd is
to use option -h in inetd.conf after rlogind.
This allows root to use its .rhosts file.

Paul Cross_1
Respected Contributor

Re: remote root login to Linux system.

rdist being open source, you should download and compile it so that you have the same software and versions on all platforms. That way there are no "compatibility" issues.
jerry1
Super Advisor

Re: remote root login to Linux system.

I have the rdist.c rdistd.c but I have not
the clients time to download a compiler to
the linux box and mess with it.

find /source -depth -print|cpio /backupdir/ 2>finderrors

Seems to do okay from the NFS mounts and
gives me sanity checking on any corrupt files.