Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: How to Enable TELNET for root user
Operating Systems Linux How to Enable TELNET for root user Post 302135286 by lostboy1970 on Friday 7th of September 2007 08:01:54 AM
Old 09-07-2007
Now before getting into the details of how to configure Red Hat Linux for root logins, keep in mind that this is VERY BAD security. Make sure that you NEVER configure your production servers for this type of login.

Configure Telnet for root logins

Simply edit the file /etc/securetty and add the following to the end of the file:

pts/0
pts/1
pts/2
pts/3
pts/4
pts/5
pts/6
pts/7
pts/8
pts/9

This will allow up to 10 telnet sessions to the server as root.

Configure FTP for root logins

Edit the files /etc/vsftpd.ftpusers and /etc/vsftpd.user_list and remove the 'root' line from each file.


source: Configuring Telnet/FTP to login as root (Linux)
 

9 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

How to Enable locked root account

Hi Every one I disable the root account entering wrong password for many time How can I enable the root account I am using Tru64 Unix V4.0G Thank you (2 Replies)
Discussion started by: Syed_45
2 Replies

2. Linux

ftp telnet enable

hi , i have jsut installed linux 9.0 , but i can not ftp or telnet to the system . i have installed the ftp and the telnet server during installation . i have also configured the files to enable the ftp and telnet , the ftp and the telnet daemons are running , but when i do ftp : ftp... (1 Reply)
Discussion started by: ppass
1 Replies

3. Solaris

Am not able to login as a root User with telnet

Hi to All, I have configured telnet service in my server but am not able to login with root user in Linux Servers. For that what can i do ? Please help me Thanks in Advance. (1 Reply)
Discussion started by: Sharath Kumar
1 Replies

4. Solaris

SSH enable, Telnet disable ...

Hi... How do I enable SSH and disable telnet.. Also - is there anything special I need to do to ensure that a new user can use ssh and su but not telnet? Adel (15 Replies)
Discussion started by: ArabOracle.com
15 Replies

5. Cybersecurity

Enable SSH for root over certain network connection of a server...is it possible?

Hi - I have a SUSE Enterprise Linux Server V9 that I have an issue with. Policy says that root connectivity via ssh needs to be disabled. So, to do that, I made the following change in the sshd_config section: # Authentication: #LoginGraceTime 2m #PermitRootLogin yes PermitRootLogin no... (3 Replies)
Discussion started by: cpolikowsky
3 Replies

6. Linux

how to root gui login enable

hi iam installed mandriva spring 2009 iam unble to login into gui using root how to enable it where the settings are stored (5 Replies)
Discussion started by: seshumohan
5 Replies

7. Solaris

Enable FTP for root user in Solaris 10

I am not able to get ftp working for Solaris 10 for root user. I am getting login failed error. 331 Password required for root. Password: 530 Login incorrect. Login failed. Tried following things already. 1. SFTP works ok, still would like to know why FTP is not working (curious). 2.... (5 Replies)
Discussion started by: webkid
5 Replies

8. HP-UX

Enable telnet as root to 11.31 non-trusted system?

I have a new box that was set up for me and I want to allow telnet to the box as root. I know that it's not secure but due to the nature of what I test I need an easy and reliable way back in if I've messed up the other connection methods(SSH). This is in a protected lab environment. Eventually... (17 Replies)
Discussion started by: gctaylor
17 Replies

9. UNIX for Dummies Questions & Answers

Sudo to delegate permission from non-root user to another non-root user

I've been through many threads before i decide to create a separate thread. I can't really find the solution to my (simple) problem. Here's what I'm trying to achieve: As "canar" user I want to run a command, let's say "/opt/ocaml/bin/ocaml" as "duck" user. The only to achieve this is to... (1 Reply)
Discussion started by: canar
1 Replies

LEARN ABOUT HPUX

telnet

telnet(1)						      General Commands Manual							 telnet(1)

NAME

       telnet - user interface to the TELNET protocol

SYNOPSIS

       [[options] host [port]]

DESCRIPTION

       is  used to communicate with another host using the TELNET protocol.  If is invoked without arguments, it enters command mode, indicated by
       its prompt In this mode, it accepts and executes the commands listed below.  If is invoked with arguments,  it  performs  an  command  (see
       below) with those arguments.

       Once a connection has been opened, enters an input mode.  The input mode will be either "character at a time" or "line by line" , depending
       on what the remote system supports.

       In "character at a time" mode, most text typed is immediately sent to the remote host for processing.

       In "line by line" mode, all text is echoed locally, and (normally) only completed lines are sent to the remote host.  The "local echo char-
       acter"  (initially  can	be  used to turn-off and turn-on the local echo (this would mostly be used to enter passwords without the password
       being echoed).

       In either mode, if the toggle is TRUE (the default in line mode; see below), the user's and characters are trapped  locally,  and  sent	as
       TELNET  protocol  sequences to the remote side.	There are options (see and below) that cause this action to flush subsequent output to the
       terminal (until the remote host acknowledges the TELNET sequence) and flush previous terminal input (in the case of and

       While connected to a remote host, command mode can be entered by typing the "escape character" (initially When in command mode, the  normal
       terminal editing conventions are available.

       supports  8-bit	characters when communicating with the server on the remote host.  To use eight-bit characters you may need to reconfigure
       your terminal or the remote host appropriately (see stty(1)).  Furthermore, you may have to use the toggle to enable an 8-bit  data  stream
       between and the remote host.

	      Note: Some remote hosts may not provide the necessary support for eight-bit characters.

       If,  at	any time, is unable to read from or write to the server over the connection, the message is printed on standard error.	then exits
       with a value of 1.

       supports the TAC User ID (also known as the TAC Access Control System, or TACACS User ID) option.  Enabling the option  on  a  host  server
       allows the user to into that host without being prompted for a second login sequence.  The TAC User ID option uses the same security mecha-
       nism as for authorizing access by remote hosts and users.  The system administrator must enable the (telnetd) option only on systems, which
       are  designated	as  participating hosts.  The system administrator must also assign to each user of TAC User ID the very same UID on every
       system for which he is allowed to use the feature.  See the telnetd(1M) manpage and the

   Options
       The following options are available:

       Enable cs8 (8 bit transfer) on local tty.

       Set the	 command mode escape character to be instead of its default value of

       Disable the TAC User ID option if enabled on the client,
		 to cause the user to be prompted for login username and password.  Omitting the option executes the default setting.

   Kerberos-Specific Options
       By default, or by use of the or the option, the Kerberos version of behaves as a client which supports authentication based on Kerberos V5.
       As a Kerberos client, will authenticate and authorize the user to access the remote system.  See the sis(5) manpage for details on Kerberos
       authentication and authorization.  However, it will not support integrity-checked or encrypted sessions.

       The default Kerberos options for the applications are set in the configuration file.  Refer to the in the  krb5.conf(4)	manpage  for  more
       information.  The options and described in the subsequent paragraphs, can be set in the file with the tag names and respectively.  Refer to
       the of the krb5.conf(4) manpage for more information.

       The option can be set in the file within If is set to true and the kerberos authentication fails, will use the non-secure mode of authenti-
       cation.

	      Note: Command line options override configuration file options.

       The following options are Kerboros-specific:

       This option is applicable only in a secure environment based
		 on Kerberos V5.  Attempt automatic login into the Kerberos realm and disable the TAC User ID option.

		 Note: This is the default login mode.

		 Sends	the  user  name  via  the  NAME subnegotiation of the Authentication option.  The name used is that of the current user as
		 returned by the USER environment variable.  If this variable is not defined, the name used is that returned by (see getpwent(3C))
		 if it agrees with the current user ID.  Otherwise, it is the name associated with the user ID.

       This option is applicable only in a secure environment based
		 on Kerberos V5.  Disable use of Kerberos authentication and authorization.  When this option is specified, a password is required
		 that is sent across the network in a readable form.  See the sis(5) manpage.

       This option is applicable only in a secure environment based
		 on Kerberos V5.  Allows local credentials to be forwarded to the remote system.  Only one or option is allowed.  They	cannot	be
		 used together.

       This option is applicable only in a secure environment based
		 on  Kerberos  V5.  Allows local credentials to be forwarded to the remote system including any credentials that have already been
		 forwarded into the local environment.	Only one or option is allowed.	They cannot be used together.

       This option is applicable only in a secure environment
		 based on Kerberos V5.	Attempt automatic login into the Kerberos realm as the specified user and disable the TAC User ID  option.
		 The  user  name  specified  is  sent  via the NAME subnegotiation of the Authentication option.  Omitting the option executes the
		 default setting.  Only one option is allowed.

   Commands
       The following commands are available in command mode.  You need to type only sufficient prefix of each  command	to  uniquely  identify	it
       (this is also true for arguments to the and commands).

       Open a connection to the named host at the indicated port.
		      If no port is specified, attempts to contact a TELNET server at the standard TELNET port.  In the IPv4 environment, hostname
		      can be either the official name or an alias as understood by (see gethostent(3N)) or an Internet address	specified  in  the
		      dot  notation  as  described  in hosts(4).  In the IPv6 environment, hostname can be either the official name or an alias as
		      understood by (see getnameinfo(3N)) or an Internet address specified in the colon notation as described in hosts(4).  If	no
		      hostname is given, prompts for one.

       Close a	      TELNET session.  If the session was started from command mode, returns to command mode; otherwise exits.

       Close any open TELNET session and exit An end of file (in command mode) will also close a session and exit.

       Suspend	      If  is  run  from a shell that supports job control, (such as csh(1) or ksh(1)), the command suspends the TELNET session and
		      returns the user to the shell that invoked Then the job can be resumed by using the command (see csh(1) or ksh(1)).

       Change	      user input mode to mode, which can be (for "character at a time" mode) or (for "line by line" mode).   The  remote  host	is
		      asked for permission to go into the requested mode.  If the remote host is capable of entering that mode, the requested mode
		      is entered.  In mode, sends each character to the remote host as it is typed.  In mode, gathers user input  into	lines  and
		      transmits each line to the remote host when the user types carriage return, linefeed, or EOF (normally see stty(1)).

		      Note: Setting line-mode also sets local echo.  Applications that expect to interpret user input character by character (such
		      as and do not work properly in line mode.

       Show current status of
		      reports the current escape character.  If is connected, it reports the host to which it is connected and the current  If	is
		      not connected to a remote host, it reports Once has been connected, it reports the local flow control toggle value.

       Displays all or some of the
		      and values (see below).

       Get help.      With  no arguments, prints a help summary.  If a command is specified, prints the help information available about that com-
		      mand only.  Help information is limited to a one-line description of the command.

       Shell escape.  The environment variable is checked for the name of a shell to use to execute the command.  If no  shell_command	is  speci-
		      fied, a shell is started and connected to the user's terminal.  If is undefined, is used.

       Sends one or more special character sequences to the remote host.
		      Each argument can have any of the following values (multiple arguments can be specified with each command):

		      Sends the current
				escape character (initially

		      Sends the TELNET	SYNCH sequence.  This sequence causes the remote system to discard all previously typed (but not yet read)
				input.	This sequence is sent as TCP urgent data (and may not work to some systems -- if it doesn't work, a  lower
				case ``r'' may be echoed on the terminal).

		      Sends the TELNET BRK (Break) sequence, which may have significance to the remote system.

		      Sends the TELNET	IP  (Interrupt	Process)  sequence,  which  should  cause the remote system to abort the currently running
				process.

		      Sends the TELNET AO (Abort Output) sequence, which should cause the remote system to flush all output from the remote system
				to the user's terminal.

		      Sends the TELNET AYT (Are You There) sequence, to which the remote system may or may not choose to respond.

		      Sends the TELNET EC (Erase Character) sequence, which should cause the remote system to erase the last character entered.

		      Sends the TELNET EL (Erase Line) sequence, which should cause the remote system to erase the line currently being entered.

		      Sends the TELNET GA (Go Ahead) sequence, which is likely to have no significance to the remote system.

		      Sends the TELNET NOP (No OPeration) sequence.

		      Prints out help information for the
				command.

       Set any of the variables  to a specific value.  The special value turns off the function associated with the variable.  The values of vari-
		      ables can be shown by using the command.	The following variable_names can be specified:

		      This is the value (initially
				which, toggles between doing local echoing of entered characters (for normal processing), and suppressing  echoing
				of entered characters (for entering, for example, a password) in line-by-line mode.

		      This is the
				escape character (initially that causes entry into command mode (when connected to a remote system).

		      If	is  in	mode  (see  below)  and  the interrupt character is typed, a TELNET IP sequence (see above) is sent to the
				remote host.  The initial value for the interrupt character is taken to be the terminal's character.

		      If	is in mode (see below) and the character is typed, a TELNET BRK sequence (see above) is sent to the  remote  host.
				The initial value for the quit character is taken to be the terminal's character.

		      If	is  in	mode  (see below) and the character is typed, a TELNET AO sequence (see above) is sent to the remote host.
				The initial value for the flush character is

		      If	is in mode (see below), if is operating in character-at-a-time mode, then when this character is typed,  a  TELNET
				EC  sequence  (see  above) is sent to the remote system.  The initial value for the erase character is taken to be
				the terminal's character.

		      If	is in mode (see below), if is operating in character-at-a-time mode, then when this character is typed,  a  TELNET
				EL sequence (see above) is sent to the remote system.  The initial value for the kill character is taken to be the
				terminal's character.

		      If	is operating in line-by-line mode, entering this character as the first character on a line causes this  character
				to be sent to the remote system.  The initial value of the character is taken to be the terminal's character.

       Toggle (between
		      TRUE  and FALSE ) various flags that control how responds to events.  More than one argument can be specified.  The state of
		      these flags can be shown by using the command.  Valid arguments are:

		      If	TRUE, the and characters (see above) are recognized locally,  and  transformed	into  appropriate  TELNET  control
				sequences (respectively and see above).  The initial value for this toggle is in line-by-line mode, and in charac-
				ter-at-a-time mode.

		      If	and are both TRUE, whenever the or characters are recognized (and transformed into TELNET sequences  -	see  above
				for  details), refuses to display any data on the user's terminal until the remote system acknowledges (via a TEL-
				NET Timing Mark option) that it has processed those TELNET sequences.  The initial value for this toggle is TRUE.

		      This flag is available only in a secure environment based on Kerberos V5.
				Enable or disable automatic login into the Kerberos realm.  Using this option yields the same results as using the
				option.  The initial value for this toggle is TRUE.

		      If	and  are  both TRUE, when either the or character is typed (see above for descriptions of the and characters), the
				resulting TELNET sequence sent is followed by the TELNET SYNCH sequence.  This procedure causes the remote  system
				to  begin  discarding all previously typed input until both of the TELNET sequences have been read and acted upon.
				The initial value of this toggle is FALSE.

		      Enable or disable the
				TELNET BINARY option on both input and output.	This option should be enabled in order to send and  receive  8-bit
				characters to and from the TELNET server.

		      If	TRUE,  end-of-line  sequences  are  sent  as  an  ASCII carriage-return and line-feed pair.  If FALSE, end-of-line
				sequences are sent as an ASCII carriage-return and NUL character pair.	The  initial  value  for  this	toggle	is
				FALSE.

		      Toggle carriage return mode.
				When this mode is enabled, any carriage return characters received from the remote host are mapped into a carriage
				return and a line feed.  This mode does not affect those characters typed by the user; only those received.   This
				mode  is  only	required for some hosts that require the client to do local echoing, but output ``naked'' carriage
				returns.  The initial value for this toggle is FALSE.

		      Toggle local echo mode or remote echo mode.
				In local echo mode, user input is echoed to the terminal by the local before being transmitted to the remote host.
				In  remote  echo,  any echoing of user input is done by the remote host.  Applications that handle echoing of user
				input themselves, such as C shell, Korn shell, and (see csh(1), ksh(1), and vi(1)), do	not  work  correctly  with
				local echo.

		      Toggle viewing of
				TELNET	options  processing.   When  options  viewing  is  enabled,  all TELNET option negotiations are displayed.
				Options sent by are displayed as while options received from the TELNET server are displayed as The initial  value
				for this toggle is FALSE.

		      Toggles the display of all network data (in hexadecimal format).
				The initial value for this toggle is FALSE.

		      Displays the legal
				commands.

RETURN VALUE

       In the event of an error, or if the TELNET connection is closed by the remote host, returns a value of Otherwise, it returns

DIAGNOSTICS

       The following diagnostic messages are displayed by

	      There are two authentication mechanisms used by TELNET.
		     One  authentication  mechanism  is  based on Kerberos and the other is not.  The type of authentication mechanism is obtained
		     from a system file, which is updated by If the system file on either the local host or the remote host does not contain known
		     authentication types, the above error is displayed.

	      was unable to find the
		     TELNET service entry in the services(4) database.

	      was unable to map the host name to an Internet address.
		     Your  next  step  should be to contact the system administrator to check whether there is an entry for the remote host in the
		     database (see hosts(4)).

	      An invalid command was typed in
		     command mode.

	      An error occurred in the specified system call.
		     See the appropriate manual entry for a description of the error.

AUTHOR

       was developed by the University of California, Berkeley.

SEE ALSO

       csh(1), ksh(1), login(1), rlogin(1), stty(1), telnetd(1M), inetsvcs_sec(1M), hosts(4), krb5.conf(4), services(4), sis(5), termio(7).

																	 telnet(1)
All times are GMT -4. The time now is 03:04 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy