Koozali.org: home of the SME Server
Legacy Forums => Experienced User Forum => Topic started by: yehaah on January 09, 2006, 08:24:22 AM
-
I suddently can't log onto my server as root, using putty?
This is from both local and eksternal networks.
I have no problems logging on as admin via Putty, but if i try as root, I get the following:
login as: root
root@linux-server's password:
Access denied
I used to be able to log on from home, but not any more.
Only change I've made, is that I hav added a new domain, but I've added them before without problems.
I've tried to reboot, but that didn't help.
It's running SME 6.0.1-01
-
I just tried physical access, and there I cant log on as root either.
I noticed that it's a v. 6 and not a 6.0.1-01
Anybody got a clue to what I can do?
-
I've been reading http://mirror.contribs.org/smeserver/contribs//bobk/down-loads/sme-manual.pdf and here it says that both "root" and "admin" have the same passwords, and can log in via ssh.
In remote access I've set the following:
Secure shell access - intire internet
Allow administrative command line access over secure shell - YES
Allow secure shell access using standard passwords - YES
Can anybody help me?
-
search for ways to reset your password, in the worse conditions start thinking about reinstalling your system since you migh well gone hacked. Next time either disable SSH login or make it only available to the internal LAN.
-
search for ways to reset your password, in the worse conditions start thinking about reinstalling your system since you migh well gone hacked.
Isn't SME more secure than that?
Ill se if I can set a new password in the start screen.
Next time either disable SSH login or make it only available to the internal LAN.
Then I can't logon from home, to do changes.
-
Yes SME is secure as long as updates are maintanied, and that because you have enabled SSH to Internet you have strong password.
If your password has been changed you would not be able to get in, you would need to follow this...
http://no.longer.valid/phpwiki/index.php/TroubleshootingFAQ#lostPassword
-
It's like buying one of those armored cars with special everything, bullet proof, etc. and leave it on the parking lot with the windows down and the keys in.
:oops:
So security is not only about the product itself.
To access it remotelly you can use public/private keys, VPN and also change the SSH port for the extra security.
Now, I'm not saying that your system has been compromised, only a full audit would tell you so. You made things easier by allowing full SSH access, an attacker already know the login (root) and if your password was not strong enough...
-
OK, I'reinstall the machine to be sure.
I've set SSH to local networks for now, and I'll look into how to change ports when the new one is up and running.
Is local ssh secure enough for the time beeing, or is there more that I should be aware of?
-
Local access is fine, I have been running that for number of years without any problems
-
You could use something like Radmin from outside your local network, to access a workstation.
A hacker would then have to figure out the open radmin server port, then discover/load his own radmin, then crack your radmin password, then crack your windows security to access the local machine, and then from there onto the SME server.
probably secure enough except the people who already have keyboard access!