Koozali.org: home of the SME Server

Obsolete Releases => SME Server 7.x => Topic started by: nickw on April 16, 2012, 04:37:10 PM

Title: Boot to server console..
Post by: nickw on April 16, 2012, 04:37:10 PM

I have a user requesting that I make his 7.5.1 seem like his old 6.1 install, that when the machine boots, it goes directly to the admin panel.

I had a look through the documentation, and the only reference I saw was "if you set the server console to auto" which IIRC was possible in the older installers..

Is it still possible?

Title: Re: Boot to server console..
Post by: cactus on April 16, 2012, 06:33:32 PM

I guess so, but it is not advised as it will lower security. There are more secure alternatives. You can access the machine:

• by using user admin with the proper password, console will start automatically
• by using the user root and once logged in type console, followed by enter.

If you really need to set it to auto you might be able to do so with instructions from: http://forums.contribs.org/index.php/topic,30572.msg128025.html#msg128025

Title: Re: Boot to server console..
Post by: nickw on April 17, 2012, 09:47:42 AM

Why is it less secure?

The server is in a locked room, and so on.

Title: Re: Boot to server console..
Post by: Stefano on April 17, 2012, 09:53:22 AM

Quote from: nickw on April 17, 2012, 09:47:42 AM

Why is it less secure?

The server is in a locked room, and so on.

you can't be sure that door will always be locked.. and who is gonna open it.. ;-)

my answer to your user is "no", full stop

Title: Re: Boot to server console..
Post by: nickw on April 17, 2012, 10:22:49 AM

Well, as we say here in italy, sono caz** loro.

Title: Re: Boot to server console..
Post by: Stefano on April 17, 2012, 10:24:13 AM

:-D

eggià ;-)

Title: Re: Boot to server console..
Post by: cactus on April 17, 2012, 08:14:17 PM

Quote from: nickw on April 17, 2012, 09:47:42 AM

Why is it less secure?

The server is in a locked room, and so on.

A locked room only hinders physical access, but there is still the possibility to physically access the machine. Apart from that the machine might be(come) compromised from a network connection (internal  or external). If there is no password on the admin account or the console is always logged in, it is much easier for ill willing people to start mocking around on your system.
In short, preventing physical access is only a small part of a proper security plan.

Title: Re: Boot to server console..
Post by: nickw on April 18, 2012, 12:07:54 PM

Yes, but the console is only available as a physical TTY. If you ssh to the machine, you'll still have a command prompt..

I understand it is a security risk, but I really can't see it being so other than the physical aspect, the account has, and will always have a password, and it remains updated for security issues thanks to yum.

In all honesty though, if someone has physical access to your machine, console or not, you need to make your time.

Title: Re: Boot to server console..
Post by: johnp on April 19, 2012, 12:35:33 AM

You don't have to allow ssh and there is higher security if you chose it.