[Subject Prev][Subject Next][Thread Prev][Thread Next][Subject Index][Thread Index]
Re: Root login from remote system
- Subject: Re: Root login from remote system
- From: Atul Kumar <atul@xxxxxxxxxx>
- Date: Sat, 19 Jun 1999 10:38:02 +0530 (IST)
>If your 'remote' is through lan then you can not login as root.
One can login as root from LAN as well. Just add the ttyp0, ttyp1, ttyp2 ..
in your /etc/securetty
>If your 'remote' is connected by serial port then enable the root login
>in /etc/securetty.
>If your 'remote' is far off then use modem to connect to server via
>serial line.
>
>BTW can any one explain difference between su and root login. If su can
>give root privilege why root login is not permitted by telnet.
For doing su one needs to log as some existing user first. If someone only
knows yourt root password then its useless for him untill he gets the
access on one of the secure terminals. So a person will need two passwords
to cause some harm remotely (one of a normal user another of root). Getting
two passwords is more difficult than getting one. If a user himself does
su to cause some harm to the system then his name will get logged and
a message will be displayed on console. Of course one can delete log but
for very secure systems log host could be a remote host or log device could
be append only. Moreover, we can create a system group and set the group
of su program as system, now change the permission of su as 4750. Thus
a user from non system group can not even execute su.
Atul
- --------------------------------------------------------------------
For more information on Linux in India visit http://www.linux-india.org/
Linux India is NOT a forum for Microsoft/India/Pakistan/US/UK bashing.
Flame baits will not be tolerated. If you can appreciate satire read
http://www.templetons.com/brad/emily.html
------------------------------