Date: Sun, 11 Mar 2007 12:13:07 +0100 (CET) From: Wojciech Puchar <wojtek@tensor.gdynia.pl> To: Howard Jones <howie@thingy.com> Cc: freebsd-questions@freebsd.org Subject: Re: [freebsd-questions] root login with telnetd Message-ID: <20070311120541.Y90539@chylonia.3miasto.net> In-Reply-To: <45F3DF87.1090503@thingy.com> References: <20070310224946.K10353@chylonia.3miasto.net> <20070311081618.F66000@chylonia.3miasto.net> <45F3DF87.1090503@thingy.com>
next in thread | previous in thread | raw e-mail | index | archive | help
>> once again - can someone answer my question instead of giving very >> "intelligent" comments? >> _______________________________________________ > If I remember correctly, you edit /etc/ttys and set some of your ttyp* (i.e. > network ptys) to be 'SECURE'. It really isn't a good idea though. The reason it works. but it is strange solution, as rshd and sshd can be set up this way. why telnetd can't? i tried allow_root in /etc/pam.d/telnetd every place (like with /etc/pam/rsh) and it doesn't work. > something with ssh - you can allow ssh RootLogin, but not with passwords only yes i already use PermitRootLogin in sshd_config and ssh root login works. same with rshd by changing /etc/pam.d/rsh but with telnet it does not. very funny is reading other people's replies about security, showing that they simply don't understand how things works. i don't ask if telnetd can be sniffed, because i know it can. as well as telnet when logging to non-root user, as well as rsh. and if there were exploits for telnetd for SunOS or FreeBSD, they exploited bugs in telnetd, and not guessing root password. so allowing root login or not doesn't make any difference. so generalizing that "telnet and rsh is bad" is as stupid as telling that oxygen is bad as it makes fires.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070311120541.Y90539>