Date: Fri, 11 May 2001 07:19:47 +0000 From: Gabor Zahemszky <ZGabor@CoDe.hu> To: freebsd-security@freebsd.org Cc: mike@sentex.net Subject: Re: preventing direct root login on telnetd Message-ID: <20010511071947.C264@zg.CoDe.hu> In-Reply-To: <4.2.2.20010511000303.036916f8@192.168.0.12>; from mike@sentex.net on Fri, May 11, 2001 at 12:09:09AM -0400 References: <4.2.2.20010511000303.036916f8@192.168.0.12>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, May 11, 2001 at 12:09:09AM -0400, Mike Tancsa wrote:
>
> Is there a way to prevent root from logging in directly on STABLE via telnet ?
Direct root logins are enabled/disabled via /etc/ttys, aren't it?
---
# status Must be on or off. If on, init will run the getty program on
# the specified port. If the word "secure" appears, this tty
# allows root login.
---
# Pseudo terminals
ttyp0 none network on secure
ttyp1 none network off
---
Or maybe via the /etc/login.access file. man login.access
Btw. Don't use telnet, and never login as root. Use `su' instead.
ZGabor at CoDe dot HU
--
#!/bin/ksh
Z='21N16I25C25E30, 40M30E33E25T15U!' ;IFS=' ABCDEFGHIJKLMNOPQRSTUVWXYZ ';set $Z ;for i { [[ $i = ? ]]&&print $i&&break;[[ $i = ??? ]]&&j=$i&&i=${i%?};typeset -i40 i=8#$i;print -n ${i#???};[[ "$j" = ??? ]]&&print -n "${j#??} "&&j=;typeset +i i;};IFS=' 0123456789 ';set $Z;X=;for i { [[ $i = , ]]&&i=2;[[ $i = ?? ]]||typeset -l i;X="$X $i";typeset +l i;};print "$X"
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010511071947.C264>