Solve the Problem of root User ftp login and telnet login in Linux

Solve the Problem of root User ftp login and telnet login in Linux-Linux Enterprise Application-Linux server application information. The following is a detailed description. 1. Solve the Problem of root User ftp login in Linux

Generally, for various reasons, ftp does not allow the root user to log on remotely, but you only need to modify a file to log on.

A. Remove or comment out the root in/etc/vsftpd/ftpusers.

B. Remove or comment out the root in/etc/vsftpd/user_list.

2. Modify the default ftp path.

My hard disk space is limited. How can I change the default ftp path/var/ftp of my account to another place? Or, all my linux directories are placed in the/root partition. Due to space shortage, can I put the default path of the ftp user to another partition?

Yes, you should do the following!

First, delete the ftp user.

# Userdel-r ftp

There will be error messages, but ignore them. This is normal.

Then we add this user. For example, if I want to set the Home Directory of the ftp account to/mnt/LinG/ftp, we can perform the following operations:

[Root @ linuxsir001 root] # mkdir/root/ftp
[Root @ linuxsir001 root] # adduser-d/root/ftp-g ftp-s/sbin/nologin ftp

This is not enough because anonymous users cannot find their home directories. Therefore, we must change the permissions of the/mnt/LinG/ftp directory.

[Root @ linuxsir001 root] # chmod 755/root/ftp/
[Root @ linuxsir001 root] # chown-R root. root/ftp/

3. log on to telnet as the root user.

A. Check whether the telnet server is installed on your server.

Rpm-qa | grep telnet-server [root @ Fedorasvr tmp] # ls
Telnet-server-0.17-35.i386.rpm
[Root @ Fedorasvr tmp] # rpm-I telnet-server-0.17-35.i386.rpm
Warning: telnet-server-0.17-35.i386.rpm: Header V3 DSA signature: NOKEY, key ID 4f2a6fd2
Error: Failed dependencies:
Xinetd is needed by telnet-server-0.17-35.i386

------------- What is an error?

Check. Check that xinetd is not installed, because the linux installation package is highly dependent. After installation, install telnet-server.

1. rps-ivh xinetd-2.3.13-6.i386.rpm

2. service xinetd start

3. rps-ivh telnet-server-0.17-35.i386.rpm

4. chkconfig telnet on

The telnet server has been installed,

B) enable the telnet function for the root user.

To configure the Telnet service, follow these steps:

1. Install the telnet package (usually two)

1. telnet-client (or telnet). This package provides the telnet client program;

2. telnet-server. This package provides telnet server programs;

Check whether these software packages are installed before installation. The method is as follows:

[Root @ echo root] # rpm? Q telnet or [root @ wljs root] # rpm? Q telnet-client
[Root @ echo root] # rpm? Q telnet-server

If no software package is detected, install it. By default, the telnet software package is installed in red hat linux 9. Generally, you only need to install the telnet-server software package.

1. Get the telnet-server-0.17-25.i386.rpm package from installation disk 3 of red hat linux 9.

2. install the software package

[Root @ echo root] # rpm? I telnet-server-0.17-25.i386.rpm

Ii. Start the telnet Service

1. Start the service

Method 1: Use ntsysv to add * Before telnet in the displayed window, and then press OK.

Method 2: edit/etc/xinetd. d/telnet

[Root @ echo root] # vi/etc/xinetd. d/telnet

Find disable = yes and change yes to no.

2. Activate the service

[Root @ echo root] # service xinetd restart

Iii. Test services

[Root @ echo root] # telnet ip (or hostname)

If the configuration is correct, the system prompts you to enter the user name and password of the remote machine.

Login:
Password:

Note: Only common users are allowed by default.

4. Set the telnet port

# Vi/etc/services

Go to edit mode and find telnet (input/telnet in vi editing mode)

The following content is found:

Telnet 23/tcp
Telnet 23/udp

Modify 23 to an unused port number (for example, 2000), exit vi, restart the telnet service, and modify the default port number for telnet.

V. Telnet service restrictions

Telnet is a plaintext transmission password and data. If you are not satisfied with the default settings, You need to restrict the service scope. If the ip address of your host is 210.45.160.17, you can set it as follows.

# Vi/etc/xinetd. d/telnet
Service telnet
{
Disable = no # activate the telnet service, no
Bind = 210.45.160.17 # your ip
Only_from = 210.45.0.0/16 # Only 210.45.0.0 ~ is allowed ~ 210.45.255.255
Only_from = .edu.cn # Only CERNET can access!
No_access = 210.45.160. {115,116} # these two ip addresses cannot be logged on
Access_times =--# The service is only available for these two periods of time every day.
......
}

Vi. login from Telnet root User

Telnet is not safe. By default, the root user is not allowed to use telnet to access the Linux host. To allow the root user to log on, use the following methods:

(1)

[Root @ echo/root] # vi/etc/pam. d/login
# Auth required pam_securetty.so # Add comments to this line!

Or

[Root @ echo root] # mv/etc/securetty. bak

(2) edit the/etc/securetty file and add the following lines:

Pts/0
Pts/1
Pts/2
Pts/3

Test that the root user successfully logs on via telnet. In this way, the root user can directly access the Linux host. However, we recommend that you do not do this. You can also switch to the root user after a common user enters, with the root permission.