[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: telnet acces for root ?

Adam Heath writes:
> 
> > 
> This is all nice and good, but there is a better way.
> 

[bad way deleted]

There is a reason that that /etc/securetty does not contain the pseudo
terminals in the first place.  It is very unsecure to allow root to
login directly anywahere except the console or possibly a computer
right next to the console.  Now, the above method is fine if your
computer is only part of your personal LAN that no one else has access
to and if your computer is never connect to the internet (unless you
disallow telnets with /etc/hosts.deny|allow).  There are mean people
who will try to hack your machine even during the 10 minutes that your
computer is on the internet via a PPP/SLIP dynamic IP account.  It
gets even more likely if you have any kind of permanent connection to
the world.  I would even not trust your collegues if you have a
moderatly large LAN where you are not the only user.

It's your choice, but...

Its saffer to log on as a normal user and su.

Erv

-- 
                                ____
----==-- _                     / /  \         
---==---(_)__  __ ____  __    / / /\ \	                  - Erv Walter
--==---/ / _ \/ // /\ \/ /   / /_/\ \ \             - edwalter@usa.net
-=====/_/_//_/\_,_/ /_/\_\  /______\ \ \  - edwalter@students.wisc.edu
   http://www.linux.org     \_________\/
Reply to: