Solved

ROOT access from remote computer.

Posted on 1999-01-02
8
258 Views
Last Modified: 2013-12-15
Hello,

1. I just installed RedHat 5.2 Kernel 2.0.36 on my     computer.
    When I connect from a remote computer ROOT gives
    invalid password but it is the right password.

2. How can I make a shadowed user. When I
   make a new user the password is not shadowed.

Thanks for the help.
Vincent
0
Comment
Question by:Vincentg
8 Comments
 
LVL 4

Expert Comment

by:swwelsh
ID: 1632064
Redhat by default won't allow root access from another machine because it is a security hole. It is better to set up a user account and give that account permission to do the things you want to do.
0
 

Author Comment

by:Vincentg
ID: 1632065
Okee thanks for the information swwelsh.

Vincent
0
 
LVL 4

Expert Comment

by:davidmwilliams
ID: 1632066
 You can't login as root directly from another machine (or at least not without editing some config files.  However, DON'T setup a user account with root permissions - that's just like having a root login available.  Have a normal user account, and login using it, and then use the 'su' command to become root whenever you need extra privileges.
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 
LVL 2

Expert Comment

by:benten
ID: 1632067
You should checkout the shadow-utils package.  In that package are programs to convert the passwd (pwconv and pwunconv) and group (grpconv and grpunconv) files to and from shadowed form as well as other information pertaining to shadowing.
0
 
LVL 4

Expert Comment

by:davidmwilliams
ID: 1632068
 Oh yeah, I forgot to answer part 2).  It sounds like you might be using some system to add users which doesn't know about shadowed passwords.
  You should be able to just do it manually by editing /etc/passwd - just make sure you specify a * in the password field, and give the user a unique login and user id.  The shadow passwords are likely to be in /etc/shadow, but you may need to check the filename on your system.
  If you do use a program to create users, you can just copy the password it generates (from /etc/passwd) into /etc/shadow -- then just blank out the password in /etc/passwd with a *.  This should do the trick.
0
 

Accepted Solution

by:
alexmo earned 10 total points
ID: 1632069
If you really *MUST* do what you are asking for, you need to setup whatever terminal you are connecting from as a secure terminal.   For instance, if you have a dial-up configured on ttyS0..  edit the file /etc/securetty and add ttyS0 to the list (you'll notice that only tty1-tty8 are listed.  those are your "consoles" at the machine).

If you are doing this for "virtual" terminals (telnet sessions), you'd add ttyp0, ttyp1, etc..

This, however is NOT recommended as anything you'll ever need to do can be done by logging in as a regular user and su'ing to root from there.

For your second question...  su to root <grin> and run /usr/sbin/pwconv5.  That should turn on default shadowing.
0
 
LVL 4

Expert Comment

by:davidmwilliams
ID: 1632070
 If the system has even several users, though, it's most unlikely you'll ever get the same psuedo tty number.  I'd never make anything a secure device apart from the console.
0
 
LVL 2

Expert Comment

by:benten
ID: 1632071
Redhat 5.2 is setup to use shadow passwords but not by default.  Please look at the man pages for the conversions programs that I mentioned in my earlier comment.
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Daily system administration tasks often require administrators to connect remote systems. But allowing these remote systems to accept passwords makes these systems vulnerable to the risk of brute-force password guessing attacks. Furthermore there ar…
This is the error message I got (CODE) Error caused by incompatible libmp3lame 3.98-2 with ffmpeg I've googled this error message and found out sometimes it attaches this note "can be treated with downgrade libmp3lame to version 3.97 or 3.98" …
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

792 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question