Koozali.org: home of the SME Server
Legacy Forums => General Discussion (Legacy) => Topic started by: Glenn Kennedy on January 17, 2000, 06:04:45 PM
-
if open a Windows telnet connection to my e-smith server - 192.168.1.1 - i can see the server info, and can provide my admin username and password. as soon as i enter the password, i get the telnet error "connection to host lost". What's causing this error?
glenn kennedy
-
For Security reasons, telnet defaults to "no access" on the initial install of the e-smith server. If you REALLY want to enable telnet, you need to login to the e-smith-manager and go to "security settings", there you will be able to set telnet to allow connection to "private" (meaning access only from your internal lan), "public" (allowing access from either inside or outside the lan. ie from the internet), or leave it at "no access".
As there are numerous exploits for telnet (meaning it isn't very secure) IMHO it is best to leave it at "no access" and either do whatever you need to do at the e-smith box itself (aside from the e-smith-manager) or you could install a secure shell package like ssh. Personally, on a rare occasion, I will set mine to "private" so that I can sit in my comfey chair and work on the server for some reason, but I wouldn't even think of setting it to "public", too much of a security risk.
hope that helps
cryblood
(note, the following was written by someone who is fairly paranoid)
[no I'm not!]
(you are too!)
-
you're suggestion of installing ssh is a good one; and that is exactly what i was trying to do via telnet login. however, even with the access set to private, the e-smith box still drops the connection after i enter my user and password. this can't be right - have you, or anyone else, encountered this?
thanks,
glenn kennedy
-
No cryblood, that doesn't really help. The exact same thing is happening with my setup as Glenn's. I know that you guys don't like the idea of enabling external telnet but I (naively?) assume that the "public" setting is for allowing the admin to login from outside the LAN. What other secret tricks have to be performed to REALLY enable external login?
Thanks in advance
Tommy
-
Glenn Kennedy wrote:
> you're suggestion of installing ssh is a good one; and that is
> exactly what i was trying to do via telnet login. however,
> even with the access set to private, the e-smith box still
> drops the connection after i enter my user and password.
> this can't be right - have you, or anyone else, encountered
> this?
To install ssh, log in as root on the console: Alt-F4, "root", admin password.
If you wish to log into the server as yourself, you will need to
change your user shell to /bin/bash. The default shell is very
restrictive - it doesn't let you do anything :-)
Log in as root, then do: "chsh -s /bin/bash username".
Charlie
-
Hi Glenn,
I have had the same experience here on e-smith 3.1, not that telnet is important to me but I tried it with the same results. NO GO.
Regards,
Russell
-
Hello all,
On the e-smith server, "admin" is not an actual user account that you can log in to. To administer the system, you must always log in as "root". There should be no other tricks necessary to get it working. Try setting the security to "private" or "public" and logging in as root. This has been pretty heavily tested - if it doesn't work can you please post the exact text of the error message?
Best regards,
- Joe
-
logging in as "root" did the trick. e-smith: you might want to put this in the manual, if it's not already there.
thanks charlie & joseph for your help.
glenn kennedy
ps -- while i know external ftp access to e-smith box is not secure and shouldn't be encouraged yadda yadda yadda, does anyone know how to turn enable it?
-
Hi Glenn!
Thanks for the posts!
Glenn Kennedy wrote:
> logging in as "root" did the trick. e-smith: you
> might want to put this in the manual, if it's not already there.
It's on page 27 of the version 3.0/3.1 manual. But we've had other folks miss it, so perhaps it should be more prominently featured. :-)
Thanks!
Kim
-
you should be able to get in by logging in as "root" and then use the same password as the admin user.
someone might have already said this, but it never hurts...
good luck-