[Redhat-s390-list] RE: telnet into Redhat Linux/390

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I know I'm coming into this thread very late, but I was out of the office
Thursday and Friday.

In any case, I wanted to point out how very bad an idea this is.  No one
should ever use an insecure telnet to access their system as root.  For that
matter, no one should ever use an insecure telnet to access their system at
all.  Do yourself (and your employer) a big favor, and disable telnet access
completely.  _Only_ use ssh to access your systems.  Do _not_ add tty or
pts/ devices to /etc/securetty.  You may think that because your systems are
not connected to the public internet that this level of caution is not
necessary, but you would be wrong.  A very large percentage of system
intrusions are committed by employees and not outsiders.  It may not be the
person you sit next to, but it could be someone in a different office.
Unless you are absolutely sure that you can suffer the loss of the entire
system and the time needed to rebuild it, don't use telnet.  Especially
don't use telnet, and have the same password you use on other, perhaps very
important, systems.  It is just too easy to sniff network traffic to take
the risk, and using ssh is in no way inconvenient.

Red Hat Linux/390 comes with ssh installed.  It's a simple matter to disable
telnet and be done with it.

Mark Post

-----Original Message-----
From: Don Mullins [mailto:donm@creditprotect.com]
Sent: Thursday, October 25, 2001 3:20 PM
To: LINUX-390@VM.MARIST.EDU
Subject: Re: telnet into Redhat Linux/390


Have you added pts/0 and pts/1 to the securetty file found in the /etc
directory.  RedHat by default does not allow root to telnet.  At least that
is what I had to do to fix the problem.

Hope this helps.

Don

-----Original Message-----
From: Roger Lam [mailto:lamrmn@hotmail.com]
Sent: Thursday, October 25, 2001 2:19 PM
To: LINUX-390@VM.MARIST.EDU
Subject: Re: telnet into Redhat Linux/390


Yes, I have no problem to create a new userid and telnet into it. But I need
the "root" telnet in order to complete my installation. If I can use only
the VM terminal for "root", it creates a big problem beacuse of the 3270
mode.

Roger

>From: "Ferguson, Neale" <Neale.Ferguson@SoftwareAG-USA.com>
>Reply-To: Linux on 390 Port <LINUX-390@VM.MARIST.EDU>
>To: LINUX-390@VM.MARIST.EDU
>Subject: Re: telnet into Redhat Linux/390
>Date: Thu, 25 Oct 2001 14:58:14 -0400
>
>Add and use another user. Your FTP server is being a good little service by
>preventing the user root from accessing the file system.
>
> > -----Original Message-----
>
> > I installed a "Minimal" Redhat linux/390 with all setup
> > properly. When the
> > system is ipled from dasd, I can login through VM
> > terminal(the ipl console)
> > as "root" and the password. Telnet was then enable. Tried to
> > telnet from my
> > PC into this Linux, I entered "root" and same password, but
> > my login was
> > rejected with message "login incorrect".
> >
> > What else I need to do in order to telnet into this server ( I have no
> > problem telnet into this server if I ipl it from VM reader instead).
> >


_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp






***************************************NOTE*********************************
**********
The information contained in this email message is intended only for use of
the
individual or entity named above, and may be legally privileged.  If the
reader
of this message is not the intended recipient, or the employee or agent
responsible to deliver it to the intended recipient, you are hereby notified
that
any dissemination, distribution or copying of this communication is strictly
prohibited.  If you have received this communication in error, please
immediately
notify the sender, and delete and destroy the original message.  Although
this email and any attachments are believed to be free of any virus or other
defect that might affect any computer system into which it is received and
opened, it is the responsibility of the recipient to ensure that it is virus
free and
no responsibility is accepted by the sender for any loss or damage arising
in
any way from its use.



[Index of Archives]     [Fedora General Discussion]     [LKML]     [Red Hat Install]     [Red Hat Watch]     [Red Hat Development]     [Linux s390]     [Gimp]     [Yosemite News]

  Powered by Linux