Date: Wed, 25 Mar 2009 14:49:10 +0200 From: Ian FREISLICH <ianf@clue.co.za> To: barney_cordoba@yahoo.com Cc: Ruben de Groot <mail25@bzerk.org>, Chuck Robey <chuckr@telenix.org>, current@freebsd.org Subject: Re: Telnet root login Message-ID: <E1LmSXe-000IqH-QM@clue.co.za> In-Reply-To: <995845.90009.qm@web63905.mail.re1.yahoo.com> References: <995845.90009.qm@web63905.mail.re1.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Barney Cordoba wrote: > > Barney, you have to make the network pseudo ttys secure, > > like: > > > > ttyp0 none network secure > > > > Ruben > > Yes, the "its not a good idea" is dependent on whatever other > security you have in place. Having to log in twice to a test > machine on a secure internal network is an unnecessary annoyance. > The concept that every FreeBSD box in existence is publically accessible > is one of those ASSumptions that people should leave at the door. > > Ruben, the method you cite no longer works in -current as they've > changed things once again (which happens way too often when your CEOs > are a bunch of bearded academics :) > > I'm not sure if its the pty (the login terminal shows as pty/0 and > no longer ttyp0), or if its some PAM thing. Its rather annoying. > Such things as > > pty/0 none network secure > pty0 none network secure > > equally don't work. And I see no mention in any document as to how it > would be achieved with the current Then use ssh and set "PermitRootLogin yes" in /etc/ssh/sshd_config Ian -- Ian Freislich
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E1LmSXe-000IqH-QM>