Configuring Telnet/FTP to login as root (Linux)
by Jeff Hunter, Sr. Database Administrator
---------------------------
Red Hat Enterprise Linux: RHEL3 / RHEL4
Red Hat (Fedora Core 1 / Core 2)
Red Hat (Release 7.x - 8.x)
----------------------
Red Hat Enterprise Linux: RHEL3 / RHEL4
Enabling Telnet and FTP Services
Linux is configured to run the Telnet and FTP server, but by default, these services are not enabled. To enable the telnet service, login to the server as the root user account and run the following commands:
# chkconfig telnet on
# service xinetd reload
Reloading configuration: [ OK ]
Starting with the Red Hat Enterprise Linux 3.0 release (and in CentOS Enterprise Linux), the FTP server (wu-ftpd) is no longer available with xinetd. It has been replaced with vsftp and can be started from /etc/init.d/vsftpd as in the following:
# /etc/init.d/vsftpd start
Starting vsftpd for vsftpd: [ OK ]
If you want the vsftpd service to start and stop when recycling (rebooting) the machine, you can create the following symbolic links:
# ln -s /etc/init.d/vsftpd /etc/rc3.d/S56vsftpd
# ln -s /etc/init.d/vsftpd /etc/rc4.d/S56vsftpd
# ln -s /etc/init.d/vsftpd /etc/rc5.d/S56vsftpd
Allowing Root Logins to Telnet and FTP Services
Now before getting into the details of how to configure Red Hat Linux for root logins, keep in mind that this is VERY BAD security. Make sure that you NEVER configure your production servers for this type of login.
Configure Telnet for root logins
Simply edit the file /etc/securetty and add the following to the end of the file:
pts/0
pts/1
pts/2
pts/3
pts/4
pts/5
pts/6
pts/7
pts/8
pts/9
This will allow up to 10 telnet sessions to the server as root.
Configure FTP for root logins
Edit the files /etc/vsftpd.ftpusers and /etc/vsftpd.user_list and remove the 'root' line from each file.
---------------------------
Red Hat (Fedora Core 1 / Core 2)
Enabling Telnet and FTP Services
Linux is configured to run the Telnet and FTP server, but by default, these services are not enabled. To enable the telnet these service, login to the server as the root userid and edit the files:
/etc/xinetd.d/telnet
In this file, find the line for disable and change it from the value "yes" to "no".
After changing the above value(s), you will need to restart the xinetd deamon. As the root userid, type the following command:
% /etc/init.d/xinetd reload
Starting with the Fedora Core 1 release, the FTP server (wu-ftpd) is no longer available with xinetd. It has been replaced with vsftp and can be started from /etc/init.d/vsftpd as in the following:
# /etc/init.d/vsftpd start
If you want the vsftpd service to start and stop when recycling the machine, you can create the following symbolic links:
# ln -s /etc/init.d/vsftpd /etc/rc3.d/S56vsftpd
# ln -s /etc/init.d/vsftpd /etc/rc4.d/S56vsftpd
# ln -s /etc/init.d/vsftpd /etc/rc5.d/S56vsftpd
Allowing Root Logins to Telnet and FTP Services
Now before getting into the details of how to configure Red Hat Linux for root logins, keep in mind that this is VERY BAD security. Make sure that you NEVER configure your production servers for this type of login.
Configure Telnet for root logins
/etc/securettySimply edit the file and add the following to the end of the file:
pts/0
pts/1
pts/2
pts/3
pts/4
pts/5
pts/6
pts/7
pts/8
pts/9
This will allow up to 10 telnet sessions to the server as root.
Configure FTP for root logins
Edit the files /etc/vsftpd.ftpusers and /etc/vsftpd.user_list and remove the 'root' line from each file.
---------------------------
Red Hat (Release 7.x - 8.x)
Enabling Telnet and FTP Services
Linux is configured to run the Telnet and FTP server, but by default, these services are not enabled. To enable these services, login to the server as the root userid and edit the files:
/etc/xinetd.d/telnet
/etc/xinetd.d/wu-ftpd
In both files, find the line for disable and change it from the value "yes" to "no".
After changing the above values, you will need to restart the xinetd deamon. As the root userid, type the following command:
% /etc/init.d/xinetd reload
Allowing Root Logins to Telnet and FTP Services
Now before getting into the details of how to configure Red Hat Linux for root logins, keep in mind that this is VERY BAD security. Make sure that you NEVER configure your production servers for this type of login.
Configure Telnet for root logins
Simply edit the file /etc/securetty and add the following to the end of the file:
pts/0
pts/1
pts/2
pts/3
pts/4
pts/5
pts/6
pts/7
pts/8
pts/9
This will allow up to 10 telnet sessions to the server as root.
Configure FTP for root logins
First edit the file /etc/ftpaccess and comment out the 'deny-uid' and 'deny-gid' lines.
Also, don't forget to remove the 'root' line from /etc/ftpusers
沒有留言:
張貼留言