Telnet - Root Can't Login

Telnet - Root Can't Login

Post by Adrian Roger » Tue, 26 Nov 2002 13:04:57



Hi group,

I'm new here and to Linux, so if this has been answered before, forgive me.

I'm determined to use Linux for a couple of things at the office.  I now
have our corporate web site running on Apache :-) and it works great.  I'm
working on a Samba server now and it's working OK.  Here's my question.  I'm
usually at home when I come across something great on the web and want to
try it on my Linux PC at work.  I'm connected via a VPN to work, so I can
Telnet to my linux PC, but can't log in as Root.  Root works great locally
and any other username works great remotely, but I want to log in as root
remotely.  I know that this is generally a bad idea, but I want to have the
same control I have locally remotely.  What's keeping Root from logging in
remotely?  The only error I get is "Login Incorrect."

Thanks in advance for any advice.

PS, in this particular instance, I want to log in as Root in order to
install software.

-Adrian Rogers

 
 
 

Telnet - Root Can't Login

Post by $uRoo » Tue, 26 Nov 2002 13:14:33



Quote:> Hi group,

> I'm new here and to Linux, so if this has been answered before, forgive
me.

> I'm determined to use Linux for a couple of things at the office.  I now
> have our corporate web site running on Apache :-) and it works great.  I'm
> working on a Samba server now and it's working OK.  Here's my question.
I'm
> usually at home when I come across something great on the web and want to
> try it on my Linux PC at work.  I'm connected via a VPN to work, so I can
> Telnet to my linux PC, but can't log in as Root.  Root works great locally
> and any other username works great remotely, but I want to log in as root
> remotely.  I know that this is generally a bad idea, but I want to have
the
> same control I have locally remotely.  What's keeping Root from logging in
> remotely?  The only error I get is "Login Incorrect."

<snip>

<snip>

Don't do that.  Log in as a regular user & su to root.

#su -

Enter root's password & then you can do anything you want to do.

VPN or no VPN, use SSH - not telnet.  If you're using a recent distro, SSH
should be enabled.  Use it.  Get an SSH client.

Good luck.

 
 
 

Telnet - Root Can't Login

Post by Lew Pitch » Tue, 26 Nov 2002 22:16:20


On Sun, 24 Nov 2002 23:14:33 -0500, in comp.os.linux.admin, "$uRoot"




>> Hi group,

>> I'm new here and to Linux, so if this has been answered before, forgive
>me.

>> I'm determined to use Linux for a couple of things at the office.  I now
>> have our corporate web site running on Apache :-) and it works great.  I'm
>> working on a Samba server now and it's working OK.  Here's my question.
>I'm
>> usually at home when I come across something great on the web and want to
>> try it on my Linux PC at work.  I'm connected via a VPN to work, so I can
>> Telnet to my linux PC, but can't log in as Root.  Root works great locally
>> and any other username works great remotely, but I want to log in as root
>> remotely.  I know that this is generally a bad idea, but I want to have
>the
>> same control I have locally remotely.  What's keeping Root from logging in
>> remotely?  The only error I get is "Login Incorrect."

><snip>

><snip>

>Don't do that.  Log in as a regular user & su to root.

Bad advice, assuming that you're alluding to the security issues
surrounding telnet.

To the OP: Telnet is an insecure protocol. Userid and password values are
passed across the network in cleartext making it possible for anyone
sniffing the network to log in to a telnet-enabled system. Although the
root user is typically forbidden telnet login (to ensure the safety of the
root password), blackhole has given you a workaround. Be aware: blackhole's
workaround exposes the root login and password just as badly as if root
logged in directly.

If you _must_ have root log in, have root use a secure technology like ssh.
If this is not possible, and you have a secure network (that's your call,
not ours), you can either use blackhole's suggestion (telnet as user, su to
root) or you can enable root access to telnet (by editing the
/etc/securetty file to include one or more ptys).

Quote:>VPN or no VPN, use SSH - not telnet.  If you're using a recent distro, SSH
>should be enabled.  Use it.  Get an SSH client.

Good advice. And, on MSWindows, I'm told that the PuTTY client does SSH.

Lew Pitcher, Information Technology Consultant, Toronto Dominion Bank Financial Group

(Opinions expressed are my own, not my employer's.)

 
 
 

Telnet - Root Can't Login

Post by Johan Lindquis » Tue, 26 Nov 2002 22:58:30


On Mon, 25 Nov 2002 at 14:16 GMT, gazing longingly at the horizon,

felt a deep, passionate desire to let the following be known:

> On Sun, 24 Nov 2002 23:14:33 -0500, in comp.os.linux.admin, "$uRoot"



>>> I'm usually at home when I come across something great on the
>>> web and want to try it on my Linux PC at work. I'm connected via
>>> a VPN to work, so I can Telnet to my linux PC, but can't log in
>>> as Root. Root works great locally and any other username works
>>> great remotely, but I want to log in as root remotely. I know
>>> that this is generally a bad idea, but I want to have the same
>>> control I have locally remotely. What's keeping Root from logging
>>> in remotely? The only error I get is "Login Incorrect."

>>Don't do that. Log in as a regular user & su to root.

> Bad advice, assuming that you're alluding to the security issues
> surrounding telnet.

I think he was alluding to the stupidity of letting root login remote
to begin with. You should probably take the above advice in context
with the following (that is, to use ssh). I might have stressed the
"use ssh" part abit more then "don't log in as root" tho, but either
way.

The previous post was good advice altogether imo.

--
Time flies like an arrow, fruit flies like a banana.      Perth ---> *
 14:49:24 up 7 days, 14:16,  1 user,  load average: 0.10, 0.03, 0.01
$ cat /dev/bollocks                      Registered Linux user #261729
cultivate bleeding-edge systems

 
 
 

Telnet - Root Can't Login

Post by Dave Smi » Wed, 27 Nov 2002 02:51:24



> Don't do that.  Log in as a regular user & su to root.

> #su -

> Enter root's password & then you can do anything you want to do.

> VPN or no VPN, use SSH - not telnet.  If you're using a recent distro, SSH
> should be enabled.  Use it.  Get an SSH client.

> Good luck.

For a telnet replacement try Putty
(http://www.chiark.greenend.org.uk/~sgtatham/putty/)

for FTp replacement try WinSCP
(http://winscp.vse.cz/eng/)

Thanks!
Dave

 
 
 

Telnet - Root Can't Login

Post by $uRoo » Wed, 27 Nov 2002 07:42:41



> On Sun, 24 Nov 2002 23:14:33 -0500, in comp.os.linux.admin, "$uRoot"



> >> Hi group,

> >> I'm new here and to Linux, so if this has been answered before, forgive
> >me.

> >> I'm determined to use Linux for a couple of things at the office.  I
now
> >> have our corporate web site running on Apache :-) and it works great.
I'm
> >> working on a Samba server now and it's working OK.  Here's my question.
> >I'm
> >> usually at home when I come across something great on the web and want
to
> >> try it on my Linux PC at work.  I'm connected via a VPN to work, so I
can
> >> Telnet to my linux PC, but can't log in as Root.  Root works great
locally
> >> and any other username works great remotely, but I want to log in as
root
> >> remotely.  I know that this is generally a bad idea, but I want to have
> >the
> >> same control I have locally remotely.  What's keeping Root from logging
in
> >> remotely?  The only error I get is "Login Incorrect."

> ><snip>

> ><snip>

> >Don't do that.  Log in as a regular user & su to root.

> Bad advice, assuming that you're alluding to the security issues
> surrounding telnet.

> To the OP: Telnet is an insecure protocol. Userid and password values are
> passed across the network in cleartext making it possible for anyone
> sniffing the network to log in to a telnet-enabled system. Although the
> root user is typically forbidden telnet login (to ensure the safety of the
> root password), blackhole has given you a workaround. Be aware:
blackhole's
> workaround exposes the root login and password just as badly as if root
> logged in directly.

<snip>

So what - did you miss the entire section of my post that said to use SSH
instead of telnet???

SSH to the box as a regular user.  Once logged in, su to root.  I would
never advocate using telnet for any user account.

 
 
 

Telnet - Root Can't Login

Post by Lew Pitch » Wed, 27 Nov 2002 22:31:12


On Mon, 25 Nov 2002 17:42:41 -0500, in comp.os.linux.admin, "$uRoot"




>> On Sun, 24 Nov 2002 23:14:33 -0500, in comp.os.linux.admin, "$uRoot"

[snip]
>> >Don't do that.  Log in as a regular user & su to root.

>> Bad advice, assuming that you're alluding to the security issues
>> surrounding telnet.
[snip]
>So what - did you miss the entire section of my post that said to use SSH
>instead of telnet???

Nope. Read again. I both included your section on ssh, and publicly agreed
with it.

My only issue was with your advice wrt telnet.

Quote:>SSH to the box as a regular user.  Once logged in, su to root.  I would
>never advocate using telnet for any user account.

Lew Pitcher, Information Technology Consultant, Toronto Dominion Bank Financial Group

(Opinions expressed are my own, not my employer's.)

 
 
 

Telnet - Root Can't Login

Post by Jonatha » Wed, 11 Dec 2002 07:37:28


This thread is getting rather confused...

Putty is a telnet CLIENT - what has that got to do with the OP's question?
For that matter, what the hell has scp got to do with it either as he's
clearly not using SSH.

Jesus - no wonder people * about getting bad information from the net.

JJ




> > Don't do that.  Log in as a regular user & su to root.

> > #su -

> > Enter root's password & then you can do anything you want to do.

> > VPN or no VPN, use SSH - not telnet.  If you're using a recent distro,
SSH
> > should be enabled.  Use it.  Get an SSH client.

> > Good luck.

> For a telnet replacement try Putty
> (http://www.veryComputer.com/~sgtatham/putty/)

> for FTp replacement try WinSCP
> (http://www.veryComputer.com/)

> Thanks!
> Dave