• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 264
  • Last Modified:

ROOT access from remote computer.


1. I just installed RedHat 5.2 Kernel 2.0.36 on my     computer.
    When I connect from a remote computer ROOT gives
    invalid password but it is the right password.

2. How can I make a shadowed user. When I
   make a new user the password is not shadowed.

Thanks for the help.
1 Solution
Redhat by default won't allow root access from another machine because it is a security hole. It is better to set up a user account and give that account permission to do the things you want to do.
VincentgAuthor Commented:
Okee thanks for the information swwelsh.

 You can't login as root directly from another machine (or at least not without editing some config files.  However, DON'T setup a user account with root permissions - that's just like having a root login available.  Have a normal user account, and login using it, and then use the 'su' command to become root whenever you need extra privileges.
Build your data science skills into a career

Are you ready to take your data science career to the next step, or break into data science? With Springboard’s Data Science Career Track, you’ll master data science topics, have personalized career guidance, weekly calls with a data science expert, and a job guarantee.

You should checkout the shadow-utils package.  In that package are programs to convert the passwd (pwconv and pwunconv) and group (grpconv and grpunconv) files to and from shadowed form as well as other information pertaining to shadowing.
 Oh yeah, I forgot to answer part 2).  It sounds like you might be using some system to add users which doesn't know about shadowed passwords.
  You should be able to just do it manually by editing /etc/passwd - just make sure you specify a * in the password field, and give the user a unique login and user id.  The shadow passwords are likely to be in /etc/shadow, but you may need to check the filename on your system.
  If you do use a program to create users, you can just copy the password it generates (from /etc/passwd) into /etc/shadow -- then just blank out the password in /etc/passwd with a *.  This should do the trick.
If you really *MUST* do what you are asking for, you need to setup whatever terminal you are connecting from as a secure terminal.   For instance, if you have a dial-up configured on ttyS0..  edit the file /etc/securetty and add ttyS0 to the list (you'll notice that only tty1-tty8 are listed.  those are your "consoles" at the machine).

If you are doing this for "virtual" terminals (telnet sessions), you'd add ttyp0, ttyp1, etc..

This, however is NOT recommended as anything you'll ever need to do can be done by logging in as a regular user and su'ing to root from there.

For your second question...  su to root <grin> and run /usr/sbin/pwconv5.  That should turn on default shadowing.
 If the system has even several users, though, it's most unlikely you'll ever get the same psuedo tty number.  I'd never make anything a secure device apart from the console.
Redhat 5.2 is setup to use shadow passwords but not by default.  Please look at the man pages for the conversions programs that I mentioned in my earlier comment.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now