Configuring Telnet/FTP to login as root (Linux)

Red Hat Enterprise Linux: RHEL3 / RHEL4

Enabling Telnet and FTP Services

Linux is configured to run the Telnet and FTP server, but by default, these services are not enabled. To enable the telnet service, login to the server as the root user account and run the following commands:

# chkconfig telnet on
# service xinetd reload


Reloading configuration: [ OK ]

Starting with the Red Hat Enterprise Linux 3.0 release (and in CentOS Enterprise Linux), the FTP server (wu-ftpd) is no longer available with xinetd. It has been replaced with vsftp and can be started from /etc/init.d/vsftpd as in the following:

# /etc/init.d/vsftpd start

Starting vsftpd for vsftpd: [ OK ]

If you want the vsftpd service to start and stop when recycling (rebooting) the machine, you can create the following symbolic links:

# ln -s /etc/init.d/vsftpd /etc/rc3.d/S56vsftpd
# ln -s /etc/init.d/vsftpd /etc/rc4.d/S56vsftpd
# ln -s /etc/init.d/vsftpd /etc/rc5.d/S56vsftpd


Allowing Root Logins to Telnet and FTP Services
Now before getting into the details of how to configure Red Hat Linux for root logins, keep in mind that this is VERY BAD security. Make sure that you NEVER configure your production servers for this type of login.
Configure Telnet for root logins

Simply edit the file /etc/securetty and add the following to the end of the file:

pts/0
pts/1
pts/2
pts/3
pts/4
pts/5
pts/6
pts/7
pts/8
pts/9


This will allow up to 10 telnet sessions to the server as root.
Configure FTP for root logins
Edit the files /etc/vsftpd.ftpusers and /etc/vsftpd.user_list and remove the 'root' line from each file.


Disable Root SSH Login on Linux

vi /etc/ssh/sshd_config

Find this section in the file, containing the line with "PermitRootLogin" in it.

#LoginGraceTime 2m
#PermitRootLogin no
#StrictModes yes
#MaxAuthTries 6

Make the line look like this to disable logging in through ssh as root.


PermitRootLogin no

Now you'll need to restart the sshd service:


/etc/init.d/sshd restart


Task: Disable / Turn off Linux Firewall (Red hat/CentOS/Fedora Core)
Type the following two commands (you must login as the root user):


# /etc/init.d/iptables save# /etc/init.d/iptables stop

Howto disable the iptables firewall in Linux

Task: Enable / Turn on Linux Firewall (Red hat/CentOS/Fedora Core)

Type the following command to turn on iptables firewall:

# /etc/init.d/iptables startOther Linux distribution

If you are using other Linux distribution such as Debian / Ubuntu / Suse Linux etc, try following generic procedure.

Save firewall rules

# iptables-save > /root/firewall.rules
OR
$ sudo iptables-save > /root/firewall.rulesNow type the following commands (login as root):
# iptables -X
# iptables -t nat -F
# iptables -t nat -X
# iptables -t mangle -F
# iptables -t mangle -X
# iptables -P INPUT ACCEPT
# iptables -P FORWARD ACCEPT
# iptables -P OUTPUT ACCEPT

To restore or turn on firewall type the following command:

# iptables-restore < /root/firewall.rulesGUI tools

3 comments:

Sesha said...

Beautiful! I needed this... Thanks Ramesh.

Microsoft Office 2007 said...

NEVERTHELESS, THE CIVIL LAW is and must be neutral about who has a more noble or rewarding faith. The breakaway parishes ought to win every Office 2010facet of the lawsuit not becauseMicrosoft Office 2010 their beliefs or their politics are better, Microsoft wordbut because both lawOffice 2007and equity, along with common sense, are on Microsoft Officetheir side.Microsoft Office 2007 Not only does Virginia state law (the Division Statute)Office 2007 keyexplicitly apply to just such a Office 2007 downloadsituation as now exists, but the history Office 2007 Professionalespecially of The Falls Church argues against the claims of Outlook 2010the Virginia Diocese with which theyMicrosoft outlookhave disassociated.Microsoft outlook 2010First, The Falls Church wasWindows 7 founded, formed, and developed long before the diocese, or the national Episcopal Church, even existed.

Sridevi Koduru said...

Regards
Sridevi Koduru (Senior Oracle Apps Trainer Oracleappstechnical.com)
LinkedIn profile - https://in.linkedin.com/in/sridevi-koduru-9b876a8b
Please Contact for One to One Online Training on Oracle Apps Technical, Financials, SCM, Oracle Manufacturing, OAF, ADF, SQL, PL/SQL, D2K at sridevikoduru@oracleappstechnical.com | +91 - 9581017828.