[rhn-users] Root login with telnet

[Bill Watson]

I have heard often the trauma of sending passwords in clear text over the
network. If one has port 23 isolated from the internet and in a typical
office environment, is there still risk? There is zero chance that any
employee is capable of such interception, and the network switches wouldn't
allow said person the opportunity if they could. 

Please explain the actual risks so I am enlightened.

Thank you,
Bill Watson
bill at magicdigits.com

-----Original Message-----
From: rhn-users-bounces at redhat.com [mailto:rhn-users-bounces at redhat.com] On
Behalf Of Joe Ogulin
Sent: Thursday, June 29, 2006 12:00 PM
To: Red Hat Network Users List
Subject: Re: [rhn-users] Root login with telnet


Michael Chien wrote:
> Hi all,
> 
> I've noticed that when trying to telnet into RHEL AS 4, and NOT using 
> SSH, I am unable to log in as root directly, I have to log in as user 
> and SU.
> 
> But with SSH connection, I can login with root account straight away.
> 
> Is there a way to change this security feature so direct root login 
> can be done with regular telnet?

There probably is (I'm not going to bother researching it), but it is a
really bad idea to do that, as the telnet protocol sends clear text
passwords over the network... assuming you are not on a kerberized
system/subnet.

Realisitically, you should also edit /etc/ssh/sshd_config
and change the "PermitRootLogin" option.  Setting it to "without-password"
will allow you to log in if you have the appropriate
/root/.ssh/authroized_keys permissions.

Joe

-- 
Joe Ogulin
Sr. Secure Systems Software Engineer
BAE Systems IT

Environmental statement:
This message is made of 100% recycled electrons.

Disclaimer:  This message is purely my fault.

_______________________________________________
rhn-users mailing list
rhn-users at redhat.com https://www.redhat.com/mailman/listinfo/rhn-users