10 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
Hi,
As part of the security hardening activity in our team, we have to disable CBC mode cipher encryption, and enable CTR or GCM cipher mode encryption.
To do this, in sshd_config I comment out these lines :
Ciphers aes128-cbc,blowfish-cbc,3des-cbc
MACS hmac-sha1,hmac-md5
and add... (9 Replies)
Discussion started by: anaigini45
9 Replies
2. AIX
I have disabled rlogin for root successfully , but after that i could not login to root from console and could not su to root from other users as it responded as expired account
I did not have any admin user but I have managed to recover the situation by accessing rootvg before mounting it, but... (5 Replies)
Discussion started by: majd_ece
5 Replies
3. Solaris
how to login with ssh to remote system with out applying the remote root/user password
with rlogin we can ujse .rhosts file
but with ssh howits possible
plz guide (2 Replies)
Discussion started by: tv.praveenkumar
2 Replies
4. UNIX for Dummies Questions & Answers
Hi All,
I have setup a non root user on AIX 5.3, using smit. When I try logging on as that user my login screen just disappears. I am using PUTTY. I login to the same box as root no problems. I have tried re-creating several different usernames but get the same effect I have also telneted from a... (2 Replies)
Discussion started by: hansul
2 Replies
5. UNIX for Dummies Questions & Answers
we don't have root in our /etc/ftpd/ftpusers and we are getting some pushback from the external auditors about this - specifically as a security risk if a "sniffer" were to catch roots password at the ftp.
What do most shops do - disable ftp for root?
What do you do to get things to the... (3 Replies)
Discussion started by: LisaS
3 Replies
6. Solaris
I'm attempting to deny a user's ability to login as root through any remote means - ie telnet or ssh. I've read most of the threads that I can find on this site and I've looked at BigAdmin on Sun's site. I have done what has been suggested here and on BigAdmin which is to make sure that the line... (5 Replies)
Discussion started by: gonzotonka
5 Replies
7. SCO
dear all,
pls give the sollution to disable root login from telnet directly.but it should allow while we type su command (2 Replies)
Discussion started by: prakrithi
2 Replies
8. AIX
Hi,
I want to disable telnet login for root only so that other users can telnet?
Regards,
Manoj (8 Replies)
Discussion started by: manoj.solaris
8 Replies
9. Solaris
I edited my /etc/default/login file and commented the line:
# If CONSOLE is set, root can only login on that device.
# Comment this line out to allow remote login by root.
#
#CONSOLE=/dev/console
I still cant login thru telnet or ssh.
What else do i have to do to be able to login... (14 Replies)
Discussion started by: BG_JrAdmin
14 Replies
10. SCO
Hy,
Coud someone tell me how to disable root login via terminal (only from console should be allowed).
There is no ssh installed, only telnet.
I created a user which will have permission to su to root, but now i don't know where and what to modify to disable root login?
SCO OpenServer 5
... (1 Reply)
Discussion started by: veccinho
1 Replies
RLOGIN(1) General Commands Manual RLOGIN(1)
NAME
rlogin - remote login
SYNOPSIS
rlogin [-8EL] [-e char] [-l username] rhost
rhost [-8EL] [-e char] [-l username]
DESCRIPTION
Rlogin connects your terminal on the current local host system lhost to the remote host system rhost.
Each host has a file /etc/hosts.equiv which contains a list of rhost's with which it shares account names. (The host names must be the
standard names as described in rsh(1).) When you rlogin as the same user on an equivalent host, you don't need to give a password. Each
user may also have a private equivalence list in a file .rhosts in his login directory. Each line in this file should contain an rhost and
a username separated by a space, giving additional cases where logins without passwords are to be permitted. If the originating user is
not equivalent to the remote user, then a login and password will be prompted for on the remote machine as in login(1). To avoid some
security problems, the .rhosts file must be owned by either the remote user or root.
The remote terminal type is the same as your local terminal type (as given in your environment TERM variable). The terminal or window size
is also copied to the remote system if the server supports the option, and changes in size are reflected as well. All echoing takes place
at the remote site, so that (except for delays) the rlogin is transparent. Flow control via ^S and ^Q and flushing of input and output on
interrupts are handled properly. The optional argument -8 allows an eight-bit input data path at all times; otherwise parity bits are
stripped except when the remote side's stop and start characters are other than ^S/^Q. The argument -L allows the rlogin session to be run
in litout mode. A line of the form ``~.'' disconnects from the remote host, where ``~'' is the escape character. Similarly, the line
``~^Z'' (where ^Z, control-Z, is the suspend character) will suspend the rlogin session. Substitution of the delayed-suspend character
(normally ^Y) for the suspend character suspends the send portion of the rlogin, but allows output from the remote system. A different
escape character may be specified by the -e option. There is no space separating this option flag and the argument character. With the -E
option the escape can be turned off.
SEE ALSO
rsh(1), rhosts(5).
BUGS
More of the environment should be propagated.
4.2 Berkeley Distribution May 12, 1986 RLOGIN(1)