Koozali.org: home of the SME Server

Legacy Forums => General Discussion (Legacy) => Topic started by: Alessandro Degola on July 26, 2000, 06:55:44 PM

Title: root telnet ?????
Post by: Alessandro Degola on July 26, 2000, 06:55:44 PM

I've found out I can do telnet session with root user from LAN and anyway else!!!!
It's not a good thing.

Why is it possibile???

Bye

Alessandro Degola

I'm working on 3.1...I don't know if e-smith staff fixed this BUG in new version.
If this problem persist in newest version please correct it immediately!

Title: RE: root telnet ?????
Post by: Paul Nesbit on July 26, 2000, 07:24:08 PM

Alessandro Degola wrote:

> I've found out I can do telnet session with root user from LAN
> and anyway else!!!! It's not a good thing.

Not a good thing at all, that's why there is a setting in the e-smith-manager that allows admin to select "public" or "private".  Ensure that this setting is set to "private".


> I'm working on 3.1...I don't know if e-smith staff fixed this
> BUG in new version. If this problem persist in newest version
> please correct it immediately!

I've verified the security settings are working in newest version, 4.0.

Title: RE: root telnet ?????
Post by: Alessandro Degola on July 26, 2000, 08:08:05 PM

>Not a good thing at all, that's why there is a setting in the e-smith-manager that >allows admin to select "public" or "private". Ensure that this setting is set >to "private".

I know this kind of setting...I've forgot to switch it on Private, sorry!

But I still don't understand why only root is able to do a telnet session and every other (admin included) are keeps away. (in public and also in private mode).
E-smith is the first distribution that I tried in my very short linux experience, that allows root telnet session.

Each suggestion or explanation is welcome.

cheers
Alessandro Degola

Title: RE: root telnet ?????
Post by: Joseph Morrison on July 26, 2000, 09:25:30 PM

Hello Alessandro,

> But I still don't understand why only root is able to do a
> telnet session and every other (admin included) are keeps away.
> (in public and also in private mode).
> ...
> Each suggestion or explanation is welcome.

e-smith is designed for organizations with little or no linux expertise, so the default is that regular users cannot log in. They would have no use for a Unix prompt.

Telnet access is intended for emergency system administration or customization, in which case root access is almost always required - so we've allowed it, controlled by the public/private/none options. (Of course, enabling public telnet access is strongly discouraged and shows a red warning in the e-smith manager.)

Hope this explanation helps. Best regards,
- Joe Morrison, CEO