how to read root mail from other machine on secure lan
karlp at ourldsfamily.com
karlp at ourldsfamily.com
Wed Jan 24 21:24:07 UTC 2007
On Mon, January 22, 2007 10:48 am, Rick Stevens wrote:
> On Mon, 2007-01-22 at 10:04 +0700, Budi Febrianto wrote:
>> I never read root emails as root. I forward all root emails to another
>> user account.
>>
>> Budi Febrianto
>> indomino.blogpsot.com
>>
>> Ralph E. Kenyon, Jr. wrote:
>> > Hi,
>> >
>> > I'm trying to figure out how to allow access to my root mail account using
>> > a pop email client on another machine on my LAN.
>> >
>> > I can check the mail for another user on my Redhat 9 linux box, but not
>> > root.
>> > Authentication fails.
>> >
>> > I have managed to allow telnet login to root, but this did not work for
>> > the mail account.
>> >
>> > Can anyone give me any suggestions?
>
> There are several issues. First off, by default RHEL doesn't allow root
> access over the network--only on the console. To change that (and I do
> NOT recommend this for security reasons), edit /etc/securetty. It
> contains a list of the ttys that root IS allowed to log in on.
>
> Second, NEVER, EVER, EVER use telnet! It is completely unsecure.
> Usernames, passwords and ALL data is sent over the net in cleartext.
> Use ssh instead. And even using ssh, never log in as root. Log in as a
> normal user, then use "su -" to become root.
>
> Third, the POP server (dovecot) by default doesn't allow access by users
> with UIDs less than 500. Look at the /etc/dovecot.conf file for
> details.
Oh, and it's probably better to vi /etc/aliases;newaliases
and set 'who gets root email' to yourself. That's the preferred method. Then
write a procmail rule:
:0:
*^TO_root at host
IN-root_host
or something similar.
Karl
> ----------------------------------------------------------------------
> - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com -
> - VitalStream, Inc. http://www.vitalstream.com -
> - -
> - su -; find / -name someone -exec touch \{\} \; -
> - - The UNIX way of touching someone -
> ----------------------------------------------------------------------
>
> _______________________________________________
> Redhat-install-list mailing list
> Redhat-install-list at redhat.com
> https://www.redhat.com/mailman/listinfo/redhat-install-list
> To Unsubscribe Go To ABOVE URL or send a message to:
> redhat-install-list-request at redhat.com
> Subject: unsubscribe
>
--
karl
_/ _/ _/ _/_/_/ ____________ __o
_/ _/ _/ _/ _/ ____________ _-\<._
_/_/ _/ _/_/_/ (_)/ (_)
_/ _/ _/ _/ ......................
_/ _/ arl _/_/_/ _/ earson KarlP at ourldsfamily.com
---
Senior Consulting Sys/DB Analyst
http://consulting.ourldsfamily.com
---
My Thoughts on Terrorism In America right after 9/11/2001:
http://www.ourldsfamily.com/wtc.shtml
---
The world is a dangerous place to live... not because of
the people who are evil, but because of the people who
don't do anything about it.
- Albert Einstein
---
More information about the Redhat-install-list
mailing list