Red Hat Enterprise Linux: RHEL3 / RHEL4
Enabling Telnet and FTP Services
Linux is configured to run the Telnet and FTP server, but by default, these services are not enabled. To enable the telnet service, login to the server as the root user account and run the following commands:
# chkconfig telnet on
# service xinetd reload
Reloading configuration: [ OK ]
Starting with the Red Hat Enterprise Linux 3.0 release (and in CentOS Enterprise Linux), the FTP server (wu-ftpd) is no longer available with xinetd. It has been replaced with vsftp and can be started from /etc/init.d/vsftpd as in the following:
# /etc/init.d/vsftpd start
Starting vsftpd for vsftpd: [ OK ]
If you want the vsftpd service to start and stop when recycling (rebooting) the machine, you can create the following symbolic links:
# ln -s /etc/init.d/vsftpd /etc/rc3.d/S56vsftpd
# ln -s /etc/init.d/vsftpd /etc/rc4.d/S56vsftpd
# ln -s /etc/init.d/vsftpd /etc/rc5.d/S56vsftpd
Allowing Root Logins to Telnet and FTP Services
Now before getting into the details of how to configure Red Hat Linux for root logins, keep in mind that this is VERY BAD security. Make sure that you NEVER configure your production servers for this type of login.
Configure Telnet for root logins
Simply edit the file /etc/securetty and add the following to the end of the file:
pts/0
pts/1
pts/2
pts/3
pts/4
pts/5
pts/6
pts/7
pts/8
pts/9
This will allow up to 10 telnet sessions to the server as root.
Configure FTP for root logins
Edit the files /etc/vsftpd.ftpusers and /etc/vsftpd.user_list and remove the 'root' line from each file.
Disable Root SSH Login on Linux
vi /etc/ssh/sshd_config
Find this section in the file, containing the line with "PermitRootLogin" in it.
#LoginGraceTime 2m
#PermitRootLogin no
#StrictModes yes
#MaxAuthTries 6
Make the line look like this to disable logging in through ssh as root.
PermitRootLogin no
Now you'll need to restart the sshd service:
/etc/init.d/sshd restart
Task: Disable / Turn off Linux Firewall (Red hat/CentOS/Fedora Core)
Type the following two commands (you must login as the root user):
# /etc/init.d/iptables save# /etc/init.d/iptables stop
Howto disable the iptables firewall in Linux
Task: Enable / Turn on Linux Firewall (Red hat/CentOS/Fedora Core)
Type the following command to turn on iptables firewall:
# /etc/init.d/iptables startOther Linux distribution
If you are using other Linux distribution such as Debian / Ubuntu / Suse Linux etc, try following generic procedure.
Save firewall rules
# iptables-save > /root/firewall.rules
OR
$ sudo iptables-save > /root/firewall.rulesNow type the following commands (login as root):
# iptables -X
# iptables -t nat -F
# iptables -t nat -X
# iptables -t mangle -F
# iptables -t mangle -X
# iptables -P INPUT ACCEPT
# iptables -P FORWARD ACCEPT
# iptables -P OUTPUT ACCEPT
To restore or turn on firewall type the following command:
# iptables-restore < /root/firewall.rulesGUI tools
1 comment:
Beautiful! I needed this... Thanks Ramesh.
Post a Comment