Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!simtel!news.kei.com!news.mathworks.com!tank.news.pipex.net!pipex!dispatch.news.demon.net!demon!kiss.demon.co.uk From: phil@zipmail.co.uk (Phil Taylor) Newsgroups: comp.unix.bsd.freebsd.misc Subject: Re: Privileged telnet access help request. Date: Mon, 02 Oct 1995 18:09:18 GMT Organization: Lan Systems Lines: 37 Message-ID: <812657356.23970@kiss.demon.co.uk> References: <44p20e$fa0@thrush.sover.net> Reply-To: phil@zipmail.co.uk NNTP-Posting-Host: kiss.demon.co.uk X-NNTP-Posting-Host: kiss.demon.co.uk X-Newsreader: Forte Free Agent 1.0.82 phapp@top.monad.net (Paul Happ) wrote: >Hello, >I've got FreeBSD 2.0.5 installed and running on a 486 system remote to >me. I'd like to be able to work remotely as root or su via telnet. We >have changed my group to wheel but that group is not allowed access >via telnet. No other system changes were made to the install defaults. >I appreciate the security implications, but as a temporary solution >we'll use a phone call to turn my privileged access on and off until >we decide on our permanent security design. >I have searched the archives and reviewed the FreeBSD web site and now >need to ask your help. >Do we do it with /etc/login.access (all lines are as installed, >currently commented out) >or >can we set /etc/ttys ttyp0 to network on secure This is what I have done (up to about ttyp5), it works fine, obviously a serious security loophole but, like you I needed remote telnet access to root. I wasn't that bothered about security as we have a complicated root password that is changed frequently, but of course if you log in across the 'net then someone could sniff out your password. (probably) Cheers Phil