Date: Fri, 18 Dec 1998 23:13:26 +0000 (GMT) From: Robert <robert@namodn.com> To: David Shanes <dshanes@mswin.net> Cc: questions FreeBSD <FreeBSD-questions@FreeBSD.ORG> Subject: Re: Clearing "NOROOT" status. Message-ID: <Pine.BSF.3.96.981218231053.29367I-100000@namodn.com> In-Reply-To: <00f201be2b1e$9c3b5560$0143a8c0@family1>
next in thread | previous in thread | raw e-mail | index | archive | help
:) I think that's what happened; try putting "secure" on the ttys that you want to be able to log in as root on, if you do indeed want to log on as root from remote. I use "su" and "sudo" myself, which I strongly recommend for security puposes.. there's just no benefit that I can see to logging in as root as opposed to using "su"... @:-) ( www.namodn.com ) ( robert@namodn.com ) On Fri, 18 Dec 1998, David Shanes wrote: > Specifically, in "/var/log/messages", it says: > > Dec 18 20:51:24 shanes login: LOGIN root REFUSED (NOROOT) FROM x.x.x.x ON > TTY ttyp0 > > Does that mean that I was trying to login as root, but even with the right > password, I would have been denied access b/c it was via Telnet? > > Thanks, > David > > -----Original Message----- > From: Robert <robert@namodn.com> > To: David Shanes <dshanes@personalogic.com> > Date: Friday, December 18, 1998 10:47 PM > Subject: Re: Clearing "NOROOT" status. > > > >So you have been able to log in remotely as root, and now it has "banned" > >the IP address because of "too many failed login attempts"? > >Perhaps it gives more info in /var/log/messages ... I tried a quick > >search/grepped my /etc , but to no avail.. the only thing I know that can > >allow/deny IP's is a firewall ; could it perhaps have changed your > >firewall "rules" ? Try resetting it ( if any ), since you're at the > >console.. > > > >-rob > > > >On Fri, 18 Dec 1998, David Shanes wrote: > > > >> Thanks for the help. I do not think that there ever was an entry > >> "secure" for any ttyp?. I mistyped the password too many times, when > trying > >> to login via telnet, and saw a message on my FreeBSD system's screen that > >> said that it would not allow root login from that IP address - over any > >> ttyp?. > >> > >> David > >> > >> -----Original Message----- > >> From: Robert <robert@namodn.com> > >> To: David Shanes <dshanes@mswin.net> > >> Cc: questions FreeBSD <FreeBSD-questions@FreeBSD.ORG> > >> Date: Friday, December 18, 1998 10:31 PM > >> Subject: Re: Clearing "NOROOT" status. > >> > >> > >> >Found this using http://www.freebsd.org/search > >> >---- > >> >The su way is the proper way to do this. But if you really want to > login > >> >as root remotely you'll have to edit the file /etc/ttys and add "secure" > >> >to the ttyp? (pseudo ttys). This will enable you to login as root. > >> >Please, please, if you do something like this at least use ssh (secure > >> >shell) as your machine could be compromised very quickly if someone is > >> >sniffing your network. > >> > > >> >Here is a sample entry for /etc/ttys > >> > > >> >ttyp0 none network secure > >> >ttyp1 none network secure > >> > > >> >and so on... > >> > > >> >Another reason this is a bad idea is that if someone does a dictionary > >> >attack on your telnet login root cannot be compromised. > >> >---- > >> > > >> >Hope it helps... > >> > > >> >-rob > >> >( www.namodn.com ) > >> >( robert@namodn.com ) > >> > > >> >On Fri, 18 Dec 1998, David Shanes wrote: > >> > > >> >> OK, so I thought that I remembered the password, but I got it > wrong > >> >> (several times). How do I re-enable an IP address to login as root via > >> >> telnet? > >> >> I am logged in locally as root. Running 2.2.6 release. > >> >> > >> >> > >> >> Thanks, > >> >> David > >> >> ____________________________________________ > >> >> David Shanes > >> >> dshanes@mswin.net > >> >> > >> >> > >> >> > >> >> To Unsubscribe: send mail to majordomo@FreeBSD.org > >> >> with "unsubscribe freebsd-questions" in the body of the message > >> >> > >> > > >> > > >> >To Unsubscribe: send mail to majordomo@FreeBSD.org > >> >with "unsubscribe freebsd-questions" in the body of the message > >> > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.981218231053.29367I-100000>