Home Page Home Page
Home | Linux Administration | Corporate Services | Resources | About Us Support Center
Monthly Server Management One-time Server Services Other Services
Network Administration Network Monitoring Network Security High Availability Load Balancing Data Backup and Recovery
Linux HOWTOs Linux Guides Linux Articles New RFCs Vulnerability list Linux Journal
Testimonials Partners Careers Contact Us Site Map
The Answer Guy 35: Remote Login as 'root'

"The Linux Gazette...making Linux just a little more fun!"

(?) The Answer Guy (!)


By James T. Dennis, tag@lists.linuxgazette.net
Starshine Technical Services, http://www.starshine.org/

(?) Remote Login as 'root'

From Crown Magnetics, Inc on Fri, 20 Nov 1998

How can I find out how to make it possible on A Linux system to login as root at a location other than the console?

(I'm used to Solaris Intel and there it's in /etc/default/login) but I'm not sure how to do this in Linux . . .

Thanks - Sheldon

(!) Most UNIX systems refuse to allow remote users (telnet) to login directly as root. This is intended to require that you login under your normal account and 'su' to 'root' as necessary.
Overall I think this is an excellent policy to enforce. Actually I think its still far too liberal. You really should consider installing 'ssh', STEL, or a similar secure and encrypted remote access system.
If you really insist on being able to do this via 'telnet' or 'rlogin' then you'll have to look in your man pages for the 'telnetd', 'login' and 'in.rlogind' (or equivalent) programs. I'm not saying this to be churlish --- there are different suites of these utilities that are included with different distributions.
Some distributions use the "Shadow Suite" (originally by J. Haugh III?). There is a file called '/etc/login.defs' (with a corresponding man page: login.defs(5)). That case a CONSOLE directive/option. Read about it. Red Hat includes the PAM suite of these utilities. It's possible to remove the 'securetty' check from the specific PAM service configuration files by editing the files under the /etc/pam.d/ directory (more recent versions) or the one /etc/pamd.conf file (obsolete).
In some cases you may have to edit your /etc/inetd.conf file to add or remove options from the 'in.*' services listed therein. For example you have to add a -h to the in.rlogind entry if you want to force that command to respect a '.rhosts' file for the 'root' user. That man page notes that these flags are not used if PAM is enabled --- and directs you do use the /etc/pam.d/ configuration files instead.
Those couple of cases should handle the vast majority of Linux distributions. I realize that my answer is basically RTFM --- but I hope I've directed you to the appropriate FM's to R.

Copyright © 1998, James T. Dennis
Published in The Linux Gazette Issue 35 December 1998

[ Answer Guy Index ] office largedisk links yamaha magickeys
passwd ftproot pvtmail netware crypto
relay project bootmethod sysadmin ipscript
loopfs mrtg slimscan rpm modutil libc dell remoteroot

[ Table Of Contents ] [ Front Page ] [ Previous Section ] [ Next Section ]

All logos, trademarks and content in this site are property of their respective owners. All else is © Copyright 2005-2012 n3v.net