From owner-freebsd-questions@FreeBSD.ORG Thu Sep 28 12:51:16 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3E6E716A40F for ; Thu, 28 Sep 2006 12:51:16 +0000 (UTC) (envelope-from arussell@agrussell.com) Received: from bifrost.agrussell.com (bifrost.hos.net [204.251.33.236]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5BC8543D55 for ; Thu, 28 Sep 2006 12:51:14 +0000 (GMT) (envelope-from arussell@agrussell.com) Received: from bifrost.agrussell.com (localhost [127.0.0.1]) by bifrost.agrussell.com (8.13.6/8.13.3) with ESMTP id k8SCqC5Y020787 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 28 Sep 2006 07:52:12 -0500 (CDT) (envelope-from arussell@agrussell.com) Received: (from arussell@localhost) by bifrost.agrussell.com (8.13.6/8.13.3/Submit) id k8SCqCRc020786 for freebsd-questions@freebsd.org; Thu, 28 Sep 2006 07:52:12 -0500 (CDT) (envelope-from arussell) Date: Thu, 28 Sep 2006 07:52:12 -0500 From: "A.G. Russell IV" To: freebsd-questions@freebsd.org Message-ID: <20060928125212.GA20192@bifrost.agrussell.com> References: <41CAF31DAF5DBD4093DBD271E46C0E8704D1A2@msl01.msl.local> <006701c6e2f8$c12804f0$a9f10c47@main> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <006701c6e2f8$c12804f0$a9f10c47@main> User-Agent: Mutt/1.4.2.1i Subject: Re: Can't log in a root from anywhere but the console screen. X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 Sep 2006 12:51:16 -0000 On Thu, Sep 28, 2006 at 07:22:23AM -0500, Dustin Coates wrote: > -----Original Message----- > > From: Erik Norgaard [mailto:norgaard@locolomo.org] > Sent: 28 September 2006 09:42 > To: Jim Borland > Cc: freebsd-questions@FreeBSD.org > Subject: Re: Can't log in a root from anywhere but the console screen. > > Jim Borland wrote: > > I want to use a PC to telnet to the freeBSD server and login as root > > but it won't let me! Can you help? I can login as a normal user just > > not as root, I can't key in su to get in as superuser either. > > 1) Don't use telnet, use ssh, for security. > 2) Are you in the wheel group? > > Erik suggested I use ssh, I've never used ssh before and when I do it > says "the connection has been refused". > The "root" user is in the wheel group, I have a user called "jim" which > is in a group called "group" he is able to login using telnet. > > > > The best thing to do is to add the user "jim" to the wheel group, then you > should be able to login as him over ssh, then su to superuser, and do > virtually everything root can do. It is considered a security risk to allow > root access to ssh. But it's your server. So if you want root to be able to > login despite my warning. Edit "/etc/ssh/sshd_config" and find > "#PermitRootLogin no", remove the hash, and change the "no" to "yes" First, sshd is not running, that is why "the connection has been refused" messages is being seen. put "sshd_enable=yes in /etc/rc.conf. Look at /etc/defaults/rc.conf, it is your friend, and any daemon that you want to run, must have xyz_enable=yes in the /etc/rc.conf, if it conforms to the current FreeBSD mores. Also, as suggested above, add jim to the wheel group, this will allow you to su to root. Take a look at the http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ google and the above document, will answer a lot of your questions. I Can't say in strong enough terms, how "Bad" and idea it is to have root allowed for ssh, or even worse, to use telnet, especially over the Internet. Good luck, FreeBSD is how we've run our servers for years, and have been solid work horses. A.G. -- _______________________________________________________________________________ A.G. Russell IV KC5KFD The Knife Company e-mail: ag4@theknifecompany.com Phone 479-631-0055 FAX 479-631-8734 Old Klingon Saying -- 'oH majQa' yIn je bang, Qo' bang -------------------------------------------------------------------------------