Loading ...
Sorry, an error occurred while loading the content.

Reply to root login via telnet

Expand Messages
  • jyothi b
    helo u can enable root to login through telnet by opening /etc/pam.d/system_auth file and commenting the first line (account required
    Message 1 of 14 , Apr 3 3:45 AM
    • 0 Attachment
      helo

      u can enable root to login through telnet by opening /etc/pam.d/system_auth file and commenting the first line (account required ....................)

      Anyway it is not secured and ssh is recommended

      Win an evening with the Indian cricket captain: Yahoo! India Promos.

      [Non-text portions of this message have been removed]
    • Viswanadhan Naidu
      Yes, ssh is more secure than telnet.Now way days eveyone useing the ssh instead of telnet. Regards, Viswanadhan , 9849149568. Win an evening with the Indian
      Message 2 of 14 , Apr 3 8:05 AM
      • 0 Attachment
        Yes,

        ssh is more secure than telnet.Now way days eveyone useing the ssh instead of telnet.



        Regards,

        Viswanadhan ,

        9849149568.
        Win an evening with the Indian cricket captain: Yahoo! India Promos.

        [Non-text portions of this message have been removed]
      • Binand Sethumadhavan
        ... Well, these days we have telnets - secure telnet, or telnet over SSL. So the argument that ssh is more secure than telnet is not valid anymore - on the
        Message 3 of 14 , Apr 3 9:03 AM
        • 0 Attachment
          Viswanadhan Naidu posted in ilughyd:
          > ssh is more secure than telnet.Now way days eveyone useing the ssh instead of
          > telnet.

          Well, these days we have telnets - secure telnet, or telnet over SSL. So
          the argument that "ssh is more secure than telnet" is not valid anymore -
          on the face of it.

          Anyone wants to argue the OTHER merits of ssh over telnet?

          Binand
        • suman kalyan
          Hi, When u do communication with telnet it is in plain text format, so there is a chance of knowing wht exactly he is doing. But the communication with ssh is
          Message 4 of 14 , Apr 4 9:13 PM
          • 0 Attachment
            Hi,

            When u do communication with telnet it is in
            plain text format, so there is a chance of knowing wht
            exactly he is doing. But the communication with ssh
            is in encrypted format so it is immpossible to know
            wht he is doing. this is one option where we can say
            ssh is more secure than telnet.


            suman kalyan sharma.M


            __________________________________
            Do you Yahoo!?
            Yahoo! Small Business $15K Web Design Giveaway
            http://promotions.yahoo.com/design_giveaway/
          • suman kalyan
            Hi, When u do communication with telnet it is in plain text format, so there is a chance of knowing wht exactly he is doing. But the communication with ssh is
            Message 5 of 14 , Apr 4 9:13 PM
            • 0 Attachment
              Hi,

              When u do communication with telnet it is in
              plain text format, so there is a chance of knowing wht
              exactly he is doing. But the communication with ssh
              is in encrypted format so it is immpossible to know
              wht he is doing. this is one option where we can say
              ssh is more secure than telnet.


              sumanth kalyan sharma.M


              __________________________________
              Do you Yahoo!?
              Yahoo! Small Business $15K Web Design Giveaway
              http://promotions.yahoo.com/design_giveaway/
            • Sitaram Chamarty
              ... That may have been true, if the word telnet hadnt got stuck in the old sense. Unless you explicitly prefix the word secure in front of it, people
              Message 6 of 14 , Apr 5 1:29 AM
              • 0 Attachment
                on 03-Apr-2004 10:33 PM Binand Sethumadhavan wrote:

                >Well, these days we have telnets - secure telnet, or telnet over SSL. So
                >the argument that "ssh is more secure than telnet" is not valid anymore -
                >on the face of it.
                >
                >
                >
                That may have been true, if the word "telnet" hadnt got stuck in the
                "old" sense. Unless you explicitly prefix the word secure in front of
                it, people still think of it as the good old telnet protocol.

                To further compound the confusion, many well-meaning sites actually say
                "secure shell == secure telnet". Just google for "secure telnet" and
                see what you get, right on the first page of results (without even
                digging into any of the results themselves!).

                Finally, there doesnt seem to be an easy way to get the sources, nor a
                canonical version analogous to openssh as an implementation of ssh. I'm
                happy to be corrected, of course :-)

                >Anyone wants to argue the OTHER merits of ssh over telnet?
                >
                >

                Judging from your posts, I'd say you already know all this stuff and
                more. :-)

                I dont know what secure telnet (telnet over SSL) can do, but it seems to
                me, like IMAP over SSL or POP over SSL, that the base functionality
                remains the same. Ssh, on the other hand, does have many other
                advantages, with the port forwarding being the obvious first one. There
                are so many things I use that port forwarding for that I'd be hard put
                to move to telnet over ssl in any case ;-) And being able to use "scp"
                over the same ports (that is, not needing a separate port/pair for file
                transfer) makes admin-ing the firewall so much easier.

                Being able to drill a hole in a firewall using ssh's -L option (with -f
                and -N adding to the convenience!) should be considered a feature, not a
                bug ;-)

                Being able to restrict authorized_keys access from specific IPs/hosts,
                restricting what command can be run, etc., are all nice features for the
                more paranoid, and enable a lot of automation for things that need to be
                done automatically but also have to be secure.

                Again, please do correct me if secure telnet can do all this. I'm not
                at all sure what it can do, and am going by my guess from the phrase
                "telnet over SSL".

                Sita

                --
                Sitaram

                (Never thought I'd be telling Malcolm and Ilya the same thing... :-) --Larry Wall in <199711071819.KAA29909@...>
              • Binand Sethumadhavan
                ... I believe the Linux telnet server/client implementation comes from the old MIT codebase. Look around in tsx-11.mit.edu/ftp.kernel.org and you might hit
                Message 7 of 14 , Apr 5 2:09 AM
                • 0 Attachment
                  Sitaram Chamarty posted in ilughyd:
                  > Finally, there doesnt seem to be an easy way to get the sources, nor a
                  > canonical version analogous to openssh as an implementation of ssh. I'm
                  > happy to be corrected, of course :-)

                  I believe the Linux telnet server/client implementation comes from the
                  old MIT codebase. Look around in tsx-11.mit.edu/ftp.kernel.org and you
                  might hit upon it.

                  > >Anyone wants to argue the OTHER merits of ssh over telnet?
                  >
                  > Ssh, on the other hand, does have many other advantages, with the port
                  > forwarding being the obvious first one.

                  You have hit the nail on the head. The "killer" feature of SSH is its
                  -L option (and the analogous -R). I call this the "poor man's VPN". ;-)

                  The second killer feature is (Open)SSH's Agent Forwarding. The ability to
                  chain authentication agents so that you have to supply your passphrase
                  only once (usually on a locked down machine, in my case my laptop) is
                  so appealing - I just need to have my private key only on my laptop,
                  and I can cascade as many ssh sessions as I want.

                  The other features I find using most of the time are -X (for X11
                  forwarding), -t (for pseudo-tty allocations even when run from scripts -
                  infinitely useful if you are running up2date on 100 servers) and so on.

                  > Being able to drill a hole in a firewall using ssh's -L option (with -f
                  > and -N adding to the convenience!) should be considered a feature, not a
                  > bug ;-)

                  You forgot -g ;-)

                  Binand
                • Y Giridhar Appaji Nag
                  ... A quick look through the READMEs of the sources on my machine points to a master location at ftp://ftp.uk.linux.org/pub/linux/Networking/netkit The patches
                  Message 8 of 14 , Apr 5 3:20 AM
                  • 0 Attachment
                    on 04/05/04 14:39 Binand Sethumadhavan wrote:
                    > Sitaram Chamarty posted in ilughyd:
                    >
                    >>Finally, there doesnt seem to be an easy way to get the sources, nor a
                    >>canonical version analogous to openssh as an implementation of ssh. I'm
                    >>happy to be corrected, of course :-)
                    >
                    > I believe the Linux telnet server/client implementation comes from the
                    > old MIT codebase. Look around in tsx-11.mit.edu/ftp.kernel.org and you
                    > might hit upon it.

                    A quick look through the READMEs of the sources on my machine points to
                    a master location at ftp://ftp.uk.linux.org/pub/linux/Networking/netkit

                    The patches for telnet-ssl seem to have been taken from
                    ftp.uni-mainz.de/pub/internet/security/ssl/SSL-MZapps/

                    >>>Anyone wants to argue the OTHER merits of ssh over telnet?
                    >>
                    >>Ssh, on the other hand, does have many other advantages, with the port
                    >>forwarding being the obvious first one.
                    >
                    > The second killer feature is (Open)SSH's Agent Forwarding. The ability to
                    >
                    > The other features I find using most of the time are -X (for X11
                    > forwarding), -t (for pseudo-tty allocations even when run from scripts -

                    I use all these features of ssh myself (gdm + ssh-agent / ssh-add) and I
                    like them a lot. Infact, I don't have a telnet client on my machine anymore.

                    Giridhar
                  • Binand Sethumadhavan
                    ... That is not good. ;-) telnet has its uses - as a testing tool for TCP/IP Layer 7 protocols, and to access the management interfaces of
                    Message 9 of 14 , Apr 5 3:46 AM
                    • 0 Attachment
                      Y Giridhar Appaji Nag posted in ilughyd:
                      > Infact, I don't have a telnet client on my machine anymore.

                      That is not good. ;-) telnet has its uses - as a testing tool for
                      TCP/IP Layer 7 protocols, and to access the management interfaces of
                      routers/switches/other assorted boxes one finds in a heterogeneous
                      network.

                      (Though I use netcat/openssl for the first of the above)

                      Binand
                    • Suresh Ramasubramanian
                      ... you can ssh to routers and most ssh clients also do telnet (ssh.com commercial ssh client, putty, etc on windows, for instance) srs
                      Message 10 of 14 , Apr 5 3:50 AM
                      • 0 Attachment
                        [4/5/2004 4:16 PM] Binand Sethumadhavan :

                        > That is not good. ;-) telnet has its uses - as a testing tool for
                        > TCP/IP Layer 7 protocols, and to access the management interfaces of
                        > routers/switches/other assorted boxes one finds in a heterogeneous
                        > network.

                        you can ssh to routers

                        and most ssh clients also do telnet (ssh.com commercial ssh client,
                        putty, etc on windows, for instance)

                        srs
                      • Binand Sethumadhavan
                        ... Let me see you ssh ing to: 1. Printers. 2. UPSes. 3. Switches (especially old ones - Catalyst 1900, for example). 4. PBX etc. (Call-centre equipment,
                        Message 11 of 14 , Apr 5 4:12 AM
                        • 0 Attachment
                          Suresh Ramasubramanian posted in ilughyd:
                          > > That is not good. ;-) telnet has its uses - as a testing tool for
                          > > TCP/IP Layer 7 protocols, and to access the management interfaces of
                          > > routers/switches/other assorted boxes one finds in a heterogeneous
                          > > network.
                          >
                          > you can ssh to routers

                          Let me see you ssh'ing to:

                          1. Printers.
                          2. UPSes.
                          3. Switches (especially old ones - Catalyst 1900, for example).
                          4. PBX etc. (Call-centre equipment, surely of importance to Hyderabadi
                          sysadmins ;-).
                          5. Older Sun machines (Solaris 7/8) which didn't ship with SSH.
                          6. telnet takedown.com 5001

                          etc. etc...

                          Anyway, my point was that a telnet client is certainly a must-have in a
                          good admin's arsenal. Not enough SSH clients can do telnet as of today
                          (OpenSSH client, for example).

                          Binand
                        • Y Giridhar Appaji Nag
                          ... Aah surely. But I had this telnet hangover simple to logon even to machines that had ssh, and that was gone once I removed it locally. As for testing,
                          Message 12 of 14 , Apr 5 4:49 AM
                          • 0 Attachment
                            on 04/05/04 16:16 Binand Sethumadhavan wrote:
                            > Y Giridhar Appaji Nag posted in ilughyd:
                            >
                            >>Infact, I don't have a telnet client on my machine anymore.
                            >
                            > That is not good. ;-) telnet has its uses - as a testing tool for
                            > TCP/IP Layer 7 protocols, and to access the management interfaces of

                            Aah surely. But I had this telnet hangover simple to logon even to
                            machines that had ssh, and that was gone once I removed it locally.

                            As for testing, these days I use assorted network clients and then
                            ethereal to test network protocols.

                            > routers/switches/other assorted boxes one finds in a heterogeneous
                            > network.

                            Very true, being the simple protocol that telnet is. But I don't have to
                            deal with those boxen much :-)

                            Giridhar
                          • Suresh Ramasubramanian
                            ... yea I know, but I guess people do have telnet clients lying around where they least expect it.
                            Message 13 of 14 , Apr 5 5:03 AM
                            • 0 Attachment
                              [4/5/2004 4:42 PM] Binand Sethumadhavan :

                              > etc. etc...
                              >
                              > Anyway, my point was that a telnet client is certainly a must-have in a
                              > good admin's arsenal. Not enough SSH clients can do telnet as of today
                              > (OpenSSH client, for example).

                              yea I know, but I guess people do have telnet clients lying around where
                              they least expect it.
                            • Binand Sethumadhavan
                              ... A very bad assumption to make, when preparing for the 30-mile drive to the datacenter. Binand
                              Message 14 of 14 , Apr 5 5:38 AM
                              • 0 Attachment
                                Suresh Ramasubramanian posted in ilughyd:
                                > yea I know, but I guess people do have telnet clients lying around where
                                > they least expect it.

                                A very bad assumption to make, when preparing for the 30-mile
                                drive to the datacenter.

                                Binand <g,d&r>
                              Your message has been successfully submitted and would be delivered to recipients shortly.