From owner-freebsd-questions  Tue Oct 24  0:17:36 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from diarmadhi.mushhaven.net (diarmadhi.mushhaven.net [208.184.147.85])
	by hub.freebsd.org (Postfix) with ESMTP id C3B0A37B479
	for <freebsd-questions@FreeBSD.ORG>; Tue, 24 Oct 2000 00:17:33 -0700 (PDT)
Received: (from mistwolf@localhost)
	by diarmadhi.mushhaven.net (8.11.0/8.11.0) id e9O7HAi72738;
	Tue, 24 Oct 2000 00:17:10 -0700 (PDT)
	(envelope-from mistwolf)
Date: Tue, 24 Oct 2000 00:17:10 -0700
From: Jamie Norwood <mistwolf@mushhaven.net>
To: Keith Davey <kdavey@gus33.homeip.net>
Cc: bk <koester@x-itec.de>, freebsd-questions@FreeBSD.ORG
Subject: Re: Root-Like telnet account
Message-ID: <20001024001710.A72677@mushhaven.net>
References: <14122691348.20001020183900@x-itec.de> <Pine.LNX.4.21.0010212334220.684-100000@gus33.homeip.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
User-Agent: Mutt/1.2.5i
In-Reply-To: <Pine.LNX.4.21.0010212334220.684-100000@gus33.homeip.net>; from kdavey@gus33.homeip.net on Sat, Oct 21, 2000 at 11:36:33PM -0700
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Just wondering, why not just telnet/ssh in then SU? 

Jamie

On Sat, Oct 21, 2000 at 11:36:33PM -0700, Keith Davey wrote:
> 
> 
> On Fri, 20 Oct 2000, bk wrote:
> 
> > Hello Travor,
> > 
> > Monday, October 16, 2000, 12:34:20 AM, you wrote:
> > 
> > >> Hi,
> > >>
> > >> I just installed FreeBSD on an older system I have, just to try it out,
> > MG> and would like to be able to telnet into it, and configure things remotely.
> > MG> Is is possible to make it so that I can login from root, or that another
> > MG> account has many of the same pr
> > >> velages as root, such as modifying configuration files?
> > 
> > look at /etc/ttys and add "secure" on the terminal you want to connect
> > to. if you do not know the right termial, login with a normal account
> > remotely and use the command "w" to see who is online.
> > 
> > Example:
> > 
> > localhost# w
> >  8:46PM  up  1:11, 2 users, load averages: 0.01, 0.00, 0.00
> > USER             TTY      FROM              LOGIN@  IDLE WHAT
> > root             v0       -                 7:36PM  1:08 -csh (csh)
> > blabla           p0       master            8:39PM     - w
> > 
> > i am looging in as root remotely from v0 on the console and from p0
> > remotely. so i have to add secure to the ttyp0 pseudo terminal.
> > 
> > If you want to keep your bsd system secure, i suggest you not to allow
> > root to login remotely.
> > Create a user with adduser command and put this user into the group
> > "wheel". login with this user and enter "su" to switch to root
> > account. This is more secure, because an external attacker do not know
> > what account is required to logon or to be root.
> 
> Another option is to use SSH with RSA key encription only set up.  This is
> a very conveniant and secure way to remotly administrate a box.
> 
> Keith Davey
> Tivoli Systems
> 
> SNIP
> 
> > -- 
> > Boris Köster
> > 
> > 
> > 
> > 
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe freebsd-questions" in the body of the message
> > 
> 
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message