Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 28 Sep 2006 07:52:12 -0500
From:      "A.G. Russell IV" <arussell@agrussell.com>
To:        freebsd-questions@freebsd.org
Subject:   Re: Can't log in a root from anywhere but the console screen.
Message-ID:  <20060928125212.GA20192@bifrost.agrussell.com>
In-Reply-To: <006701c6e2f8$c12804f0$a9f10c47@main>
References:  <41CAF31DAF5DBD4093DBD271E46C0E8704D1A2@msl01.msl.local> <006701c6e2f8$c12804f0$a9f10c47@main>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
On Thu, Sep 28, 2006 at 07:22:23AM -0500, Dustin Coates wrote:
> -----Original Message-----
> 
> From: Erik Norgaard [mailto:norgaard@locolomo.org] 
> Sent: 28 September 2006 09:42
> To: Jim Borland
> Cc: freebsd-questions@FreeBSD.org
> Subject: Re: Can't log in a root from anywhere but the console screen.
> 
> Jim Borland wrote:
> > I want to use a PC to telnet to the freeBSD server and login as root 
> > but it won't let me! Can you help? I can login as a normal user just 
> > not as root, I can't key in su to get in as superuser either.
> 
> 1) Don't use telnet, use ssh, for security.
> 2) Are you in the wheel group?
> 
> Erik suggested I use ssh, I've never used ssh before and when I do it
> says "the connection has been refused". 
> The "root" user is in the wheel group, I have a user called "jim" which
> is in a group called "group" he is able to login using telnet.
> 
> 
> 
> The best thing to do is to add the user "jim" to the wheel group, then you
> should be able to login as him over ssh, then su to superuser, and do
> virtually everything root can do. It is considered a security risk to allow
> root access to ssh. But it's your server. So if you want root to be able to
> login despite my warning.  Edit "/etc/ssh/sshd_config" and find
> "#PermitRootLogin no", remove the hash, and change the "no" to "yes"

First, sshd is not running, that is why "the connection has been refused"
messages is being seen.  put "sshd_enable=yes in /etc/rc.conf.

Look at /etc/defaults/rc.conf, it is your friend, and any daemon that you 
want to run, must have xyz_enable=yes in the /etc/rc.conf, if it conforms
to the current FreeBSD mores.

Also, as suggested above, add jim to the wheel group, this will allow you
to su to root.

Take a look at the 
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/
google and the above document, will answer a lot of your questions.

I Can't say in strong enough terms, how "Bad" and idea it is to have root
allowed for ssh, or even worse, to use telnet, especially over the Internet.

Good luck, FreeBSD is how we've run our servers for years, and have been solid
work horses.

A.G.
-- 
_______________________________________________________________________________
A.G. Russell IV  KC5KFD    The Knife Company   e-mail:  ag4@theknifecompany.com
Phone 479-631-0055                                             FAX 479-631-8734
Old Klingon Saying --  'oH  majQa' yIn je bang, Qo' bang
-------------------------------------------------------------------------------



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?20060928125212.GA20192>