"The Linux Gazette...making Linux just a little more fun!"


(?) The Answer Guy (!)


By James T. Dennis, answerguy@ssc.com
Starshine Technical Services, http://www.starshine.org/


(?) Remote Login as 'root'

From Crown Magnetics, Inc on Fri, 20 Nov 1998

How can I find out how to make it possible on A Linux system to login as root at a location other than the console?

(I'm used to Solaris Intel and there it's in /etc/default/login) but I'm not sure how to do this in Linux . . .

Thanks - Sheldon

(!) Most UNIX systems refuse to allow remote users (telnet) to login directly as root. This is intended to require that you login under your normal account and 'su' to 'root' as necessary.
Overall I think this is an excellent policy to enforce. Actually I think its still far too liberal. You really should consider installing 'ssh', STEL, or a similar secure and encrypted remote access system.
If you really insist on being able to do this via 'telnet' or 'rlogin' then you'll have to look in your man pages for the 'telnetd', 'login' and 'in.rlogind' (or equivalent) programs. I'm not saying this to be churlish --- there are different suites of these utilities that are included with different distributions.
Some distributions use the "Shadow Suite" (originally by J. Haugh III?). There is a file called '/etc/login.defs' (with a corresponding man page: login.defs(5)). That case a CONSOLE directive/option. Read about it. Red Hat includes the PAM suite of these utilities. It's possible to remove the 'securetty' check from the specific PAM service configuration files by editing the files under the /etc/pam.d/ directory (more recent versions) or the one /etc/pamd.conf file (obsolete).
In some cases you may have to edit your /etc/inetd.conf file to add or remove options from the 'in.*' services listed therein. For example you have to add a -h to the in.rlogind entry if you want to force that command to respect a '.rhosts' file for the 'root' user. That man page notes that these flags are not used if PAM is enabled --- and directs you do use the /etc/pam.d/ configuration files instead.
Those couple of cases should handle the vast majority of Linux distributions. I realize that my answer is basically RTFM --- but I hope I've directed you to the appropriate FM's to R.


Copyright © 1998, James T. Dennis
Published in The Linux Gazette Issue 35 December 1998


[ Answer Guy Index ] office largedisk links yamaha magickeys
passwd ftproot pvtmail netware crypto
relay project bootmethod sysadmin ipscript
loopfs mrtg slimscan rpm modutil libc dell remoteroot


[ Table Of Contents ] [ Front Page ] [ Previous Section ] [ Next Section ]