Solved

ROOT access from remote computer.

Posted on 1999-01-02
8
255 Views
Last Modified: 2013-12-15
Hello,

1. I just installed RedHat 5.2 Kernel 2.0.36 on my     computer.
    When I connect from a remote computer ROOT gives
    invalid password but it is the right password.

2. How can I make a shadowed user. When I
   make a new user the password is not shadowed.

Thanks for the help.
Vincent
0
Comment
Question by:Vincentg
8 Comments
 
LVL 4

Expert Comment

by:swwelsh
ID: 1632064
Redhat by default won't allow root access from another machine because it is a security hole. It is better to set up a user account and give that account permission to do the things you want to do.
0
 

Author Comment

by:Vincentg
ID: 1632065
Okee thanks for the information swwelsh.

Vincent
0
 
LVL 4

Expert Comment

by:davidmwilliams
ID: 1632066
 You can't login as root directly from another machine (or at least not without editing some config files.  However, DON'T setup a user account with root permissions - that's just like having a root login available.  Have a normal user account, and login using it, and then use the 'su' command to become root whenever you need extra privileges.
0
 
LVL 2

Expert Comment

by:benten
ID: 1632067
You should checkout the shadow-utils package.  In that package are programs to convert the passwd (pwconv and pwunconv) and group (grpconv and grpunconv) files to and from shadowed form as well as other information pertaining to shadowing.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 4

Expert Comment

by:davidmwilliams
ID: 1632068
 Oh yeah, I forgot to answer part 2).  It sounds like you might be using some system to add users which doesn't know about shadowed passwords.
  You should be able to just do it manually by editing /etc/passwd - just make sure you specify a * in the password field, and give the user a unique login and user id.  The shadow passwords are likely to be in /etc/shadow, but you may need to check the filename on your system.
  If you do use a program to create users, you can just copy the password it generates (from /etc/passwd) into /etc/shadow -- then just blank out the password in /etc/passwd with a *.  This should do the trick.
0
 

Accepted Solution

by:
alexmo earned 10 total points
ID: 1632069
If you really *MUST* do what you are asking for, you need to setup whatever terminal you are connecting from as a secure terminal.   For instance, if you have a dial-up configured on ttyS0..  edit the file /etc/securetty and add ttyS0 to the list (you'll notice that only tty1-tty8 are listed.  those are your "consoles" at the machine).

If you are doing this for "virtual" terminals (telnet sessions), you'd add ttyp0, ttyp1, etc..

This, however is NOT recommended as anything you'll ever need to do can be done by logging in as a regular user and su'ing to root from there.

For your second question...  su to root <grin> and run /usr/sbin/pwconv5.  That should turn on default shadowing.
0
 
LVL 4

Expert Comment

by:davidmwilliams
ID: 1632070
 If the system has even several users, though, it's most unlikely you'll ever get the same psuedo tty number.  I'd never make anything a secure device apart from the console.
0
 
LVL 2

Expert Comment

by:benten
ID: 1632071
Redhat 5.2 is setup to use shadow passwords but not by default.  Please look at the man pages for the conversions programs that I mentioned in my earlier comment.
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

This is the error message I got (CODE) Error caused by incompatible libmp3lame 3.98-2 with ffmpeg I've googled this error message and found out sometimes it attaches this note "can be treated with downgrade libmp3lame to version 3.97 or 3.98" …
SSH (Secure Shell) - Tips and Tricks As you all know SSH(Secure Shell) is a network protocol, which we use to access/transfer files securely between two networked devices. SSH was actually designed as a replacement for insecure protocols that sen…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now