Solaris 10 FTP, telnet, ssh, Sendmail

1. Manage commandsSvcadm(Service status management, start, stop, etc)
# SVCs <br> to view all the current service statuses, you can use | Pipeline character redirection for more personalized searches. For example:
# SVCs | grep online
# SVCs | grep offline
# SVCs | grep inetd view inetd service status

 

2. Disable ftp, telnet, and Sendmail on Solaris 10.
# Svcadm disable svc: Network/ftp
# Svcadm disable svc: Network/telnet
# Svcadm disable svc: Network/SMTP: Sendmail

3. Solaris can be used to modify the root account through Telnet and FTP.
Root Telnet and FTP cannot be used after Solaris 10 is installed in the past few days,
Modify/Etc/default/login comment out the console =/dev/console line, you can use root telnET.
In/Etc/ftpd/ftpusers. If there is root, comment out the # sign at the beginning of the line.

4. Enable the SSH service on Solaris 10

Solaris provides this service after installation: OpenSSH
How to enable the Service:Svcadm enbale-RT SSH
By default, OpenSSH prohibits the root account from logging on through SSH to ensure security.
The method is as follows:
ModifyIn the/etc/ssh/sshd_config file, change "permitrootlogin no" to "permitrootlogin yes", and then run svcadm restart SSH to restart the SSH service.

5. Start FTP or view FTP status

By default, FTP is disabled. The startup command is as follows:

# Svcadm enable/Network/ftp

Check the FTP service status:

# SVCs-l Network/ftp

By default, the root user cannot log on. You need to modify the/etc/ftpd/ftpusers file and add a comment before the root line.

 

6. Restart SSH

By default, SSH is enabled. However, the root user cannot log on. You need to modify/etc/ssh/sshd_config, change permitrootlogin to yes, and restart the SSH service,

Restart command:

# Svcadm restart Network/ssh

7.Restart Nic

After modifying the IP address of the/etc/hosts file, you can restart the host to make the settings take effect. Now, you can also run the following command to make the settings take effect without restarting the host.

# Svcadm restart physical

8. How to restart the sshd service?

# Ps-Ef | grep SSH query SSH status

Root 516 1 0 Dec 27? 0: 00/usr/lib/ssh/sshd

Root 2006 1728 0 09:52:49 pts/3 grep SSH

# Kill-9 516 terminate SSH

#/Usr/lib/ssh/sshd start SSH

 

9.

Comment out/etc/default/login, whereConsole =/dev/consoleFor one line, the root user can telnet:

# More/etc/default/login
# Ident "@ (#) login. DFL 1.14 04/06/25 SMI"
#
# Copyright 2004 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.

# Set the TZ environment variable of the shell.
#
# Timezone = est5edt

# Ulimit sets the file size limit for the login. Units are disk blocks.
# The default of zero means no limit.
#
# Ulimit = 0

# If console is set, root can only login on that device.
# Comment this line out to allow remote login by root.
#
# Console =/dev/console

# Passreq determines if login requires a password.
#
Passreq = Yes

# Altshell determines if the shell environment variable shocould be set
#
Altshell = Yes

# Path sets the initial shell PATH variable
#
# Path =/usr/bin:

# Supath sets the initial shell PATH variable for root
#
# Supath =/usr/sbin:/usr/bin

# Timeout sets the number of seconds (between 0 and 900) to wait before
# Abandoning a login session.
#
# Timeout = 300

# Umask sets the initial shell File Creation Mode mask. See umask (1 ).
#
# Umask = 022

# Syslog determines whether the syslog (3) log_auth facility shocould be used
# To log all root logins at level log_notice and multiple failed login
# Attempts at log_crit.
#
Syslog = Yes

# Sleeptime controls the number of seconds that the command shocould
# Wait before printing the "Login incorrect" message when
# Bad password is provided. The range is limited from
#0 to 5 seconds.
#
# Sleeptime = 4

# Disabletime if present, and greater than zero, the number of seconds
# Login will wait after retries failed attempts or the PAM framework returns
# Pam_abort. Default is 20. Minimum is 0. No maximum is imposed.
#
# Disabletime = 20

# Retries determines the number of failed logins that will be
# Allowed before login exits. Default is 5 and maximum is 15.
# If account locking is configured (user_attr (4)/policy. conf (4 ))
# For a local user's account (passwd (4)/shadow (4), that account
# Will be locked if failed logins equals or exceeds retries.
#
# Retries = 5
#
# The syslog_failed_logins variable is used to determine how many failed
# Login attempts will be allowed by the system before a Failed Login
# Message is logged, using the syslog (3) log_notice facility. For example,
# If the variable is set to 0, login will log-all-failed login attempts.
#
# Syslog_failed_logins = 5

========================================================== ========================