Sorry if this is posted to the wrong forum but as it is related to a problem I have with Asterisk it may just scrape through!! I am running Fedora 1 and I can telnet in to my asterisk box as any user except root and am using the same credentials as logging in locally. I am new to Linux and any help would be gratefully appreciated. Thanks Neil -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20040820/04d02707/attachment.htm
use ssh instead of telnet. telnet is a bad idea. Am 20.08.2004 um 11:39 schrieb neil:> Sorry if this is posted to the wrong forum but as it is related to a > problem I have with Asterisk it may just scrape through!! > > ? > > I am running Fedora 1 and I can telnet in to my asterisk box as any > user except root and am using the same credentials as logging in > locally. I am new to Linux and any help would be gratefully > appreciated. > > ? > > Thanks > > ? > > Neil >-- Thomas K?pper 01063 Telecom GmbH & Co. KG Mottmannstr. 2 53842 Troisdorf Telefon: 02241-9434-506 Telefax: 02241-9434-846 E-Mail: thomas.kuepper@01063telecom.de E-Mail: tk@teldafax.de Homepage: http://www.01063telecom.de --------------------------------------- Diese Nachricht ist vertraulich. Sie ist ausschliesslich fuer den im Adressfeld ausgewiesenen Adressaten bestimmt. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten wir um eine kurze Nachricht. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Da wir nicht die Echtheit oder Vollstaendigkeit der in dieser Nachricht enthaltenen Informationen garantieren koennen, schliessen wir die rechtliche Verbindlichkeit der vorstehenden Erklaerungen und Aeusserungen aus. Wir verweisen in diesem Zusammenhang auch auf die fuer uns geltenden Regelungen ueber die Verbindlichkeit von Willenserklaerungen mit verpflichtendem Inhalt, die in den bank- bzw. unternehmensueblichen Unterschriftenverzeichnissen bekannt gemacht werden. --------------------------------------- This message is confidential and may be privileged. It is intended solely for the named addressee. If you are not the intended recipient please inform us. Any unauthorised dissemination, distribution or copying hereof is prohibited. As we cannot guarantee the genuineness or completeness of the information contained in this message, the statements set forth above are not legally binding. In connection therewith, we also refer to our governing regulations of concerning signatory authority published in the standard bank or company signature lists with regard to the legally binding effect of statements made with the intent to obligate us. --------------------------------------- -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/enriched Size: 2767 bytes Desc: not available Url : http://lists.digium.com/pipermail/asterisk-users/attachments/20040820/0c814f15/attachment.bin
you can login as root only on the console or on the lines listed in /etc/securetty if you want to log in remotely as root, you can either: - log in as a regular user and then issue the "su -" command in order to become root - use a ssh client (secure shell) instead of telnet (well, you can disable root access in ssh as well) ------ Original message: From: "neil" <neil@3tech.biz> To: <asterisk-users@lists.digium.com> Date: Fri, 20 Aug 2004 10:39:03 +0100 Subject: [Asterisk-Users] telnet and Root Sorry if this is posted to the wrong forum but as it is related to a problem I have with Asterisk it may just scrape through!! I am running Fedora 1 and I can telnet in to my asterisk box as any user except root and am using the same credentials as logging in locally. I am new to Linux and any help would be gratefully appreciated. Thanks
Hello. To answer your question, root is a restricted account. It is too powerful to trust a telnet connection. So, you telnet (preferably SSH) in as a normal user, and then type `su -` and enter the root password. Su (short for SuperUser?) allows you to become root. The - specifies to load all of root's environment variables. If you really want to be able to telnet in as root, locate telnetd.conf or somesuch and it should be in there somewhere as a yes/no. (It is for ssh anyway..) -Ejay> -----Original Message----- > From: asterisk-users-admin@lists.digium.com > [mailto:asterisk-users-admin@lists.digium.com] On BehalfOf neil> Sent: Friday, August 20, 2004 4:39 AM > To: asterisk-users@lists.digium.com > Subject: [Asterisk-Users] telnet and Root > > Sorry if this is posted to the wrong forum but as it is > related to a problem I have with Asterisk it may justscrape through!!> > > > I am running Fedora 1 and I can telnet in to my asteriskbox> as any user except root and am using the same credentialsas> logging in locally. I am new to Linux and any help wouldbe> gratefully appreciated. > > > > Thanks > > > > Neil > >
neil wrote:> Sorry if this is posted to the wrong forum but as it is related to a > problem I have with Asterisk it may just scrape through!! > > > > I am running Fedora 1 and I can telnet in to my asterisk box as any > user except root and am using the same credentials as logging in > locally. I am new to Linux and any help would be gratefully appreciated. >OpenSSH is much easier to secure than Telnet because most telnet servers and clients expect to pass the passwords to eachother in plain site. If you MUST use telnet, please set up Kerberos and configure it to encrypt the entire session, not just the login. you must use the telnet server and client that comes with the kerberos distribution as well. However, in general it is easier to set up SSH than to set up kerberized telnet in a secure way. Due to its vulnerability, most telnet servers will not allow root to log in via telnet. OpenSSH has a configuration option for this, and can be set either way. You can get OpenSSH from http://www.openssh.org. It depends on openssl which is available from http://www.openssl.org.> > > Thanks > > > > Neil >-------------- next part -------------- A non-text attachment was scrubbed... Name: chris.vcf Type: text/x-vcard Size: 127 bytes Desc: not available Url : http://lists.digium.com/pipermail/asterisk-users/attachments/20040823/d8f343e3/chris.vcf