[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: remote login to root
john@emario.com (John M. Mario) writes:
> Please excuse the newbie question. This is my third day playing
> with linux. When I telnet to my linux server, I am not able to
> login as root. Is this a security feature?
Yes; the theory is that anyone attacking your system remotely needs
to know two passwords, not just one, to get a root shell.
> How do I enable root to login remotely?
I'd advise against it unless you fully understand the security risk.
Just get used to logging in and "su -". The extra keystrokes are
worth the peace of mind.
If you're really using "telnet" to get in, i.e., if you're using an
unencrypted session across the network, you _really_ don't want be
typing your root password in any case. Anyone on any network between
you and your destination can easily put their NIC into promiscuous
mode and pull down your password in plaintext. That's why nobody uses
telnet anymore.
I won't tell you how to configure telnet to permit root logins because
you really don't want to be sending your root password in the clear :-)
If you're using ssh, which encrypts the passwords you type (and all
other traffic for that matter), it's not as much of a security risk,
so simply edit /etc/sshd_config and change "PermitRootLogin no" to
"PermitRootLogin yes". For more information on ssh, visit www.ssh.fi
(version ssh1 is free for noncommercial use, version ssh2 you pay for).
--
Jamie McCarthy
jamie@mccarthy.org
http://jamie.mccarthy.org/