Telnet and root

Does anyone know of any situations that would restrict the root user to
login to a machine using telnet? I have a few machines on which I can
telnet to and login as root… but I also have a few that will not allow
root to login over telnet… they simply re-display the user prompt after
entering the root user name and password… in all cases, the machines can
be reached through ftp using the root account.

Some people will restrict logins from root in their /etc/profile script.

When someone first logs on, the /etc/profile gets executed. It can check
the login id and terminal and just log you out if it want to.

Have you tried logging in as non-root and then su’ing to root?

“Brian Delsey” <bdelsey@mindspring.com> wrote in message
news:9fc690$jpd$1@inn.qnx.com

Does anyone know of any situations that would restrict the root user to
login to a machine using telnet? I have a few machines on which I can
telnet to and login as root… but I also have a few that will not allow
root to login over telnet… they simply re-display the user prompt after
entering the root user name and password… in all cases, the machines
can
be reached through ftp using the root account.

Bill

The machines in question do not have an /etc/profile file. The hardware is
meant to be an embedded system that under normal circumstances would not
have any user interaction. However, we want to be able to use Telnet for
simple maintenance and troubleshooting operations and thus the desire to
login in as root, which normally would be the only user we have configured
to these systems.

When the root login is attempted, the login sequence becomes an endless loop
as follows:

login: root
password: *******
login: (this will repeat forever)

We can create a user account and successfuly use Telnet to log in. But the
intention is to get the root account to work.

Another discovery:

On the machine itself, attempting a login from the prompt behaves in the
same way:

login

login: root
password: *****
login: (etc…)

Again, the root can not login in this manner… ???

Root only seems to have access through ftp. Also, when the machine boots,
there is no login required - the shell seems to automatically get invoked
with the root user and complete system access is available.

I must be missing something simple. Any more suggestions you may have would
be appreciated.

Thanks
Brian



Bill Caroselli @ Q-TPS <BillCaroselli@Q-TPS.com> wrote in message
news:9fe4d4$obe$1@inn.qnx.com

Some people will restrict logins from root in their /etc/profile script.

When someone first logs on, the /etc/profile gets executed. It can check
the login id and terminal and just log you out if it want to.

Have you tried logging in as non-root and then su’ing to root?

“Brian Delsey” <> bdelsey@mindspring.com> > wrote in message
news:9fc690$jpd$> 1@inn.qnx.com> …
Does anyone know of any situations that would restrict the root user to
login to a machine using telnet? I have a few machines on which I can
telnet to and login as root… but I also have a few that will not allow
root to login over telnet… they simply re-display the user prompt
after
entering the root user name and password… in all cases, the machines
can
be reached through ftp using the root account.

\

On the target machine, is there a file /etc/shadow.qcrypt? If so,
it may be that the ftpd daemon is a new “crypt” version, but the
telnetd and login are not.

If you look at /etc/config/sysinit.N (N is the node number)you
might see a line such as “on -t /dev/con1 sh” which would put up
a root prompt without a login.

How are the people telnetting in? If from QNX, does
telnet -8
make a difference? If you are coming from a windows machine, what
emulator are you using?

Richard

Brian Delsey wrote:

Bill

The machines in question do not have an /etc/profile file. The hardware is
meant to be an embedded system that under normal circumstances would not
have any user interaction. However, we want to be able to use Telnet for
simple maintenance and troubleshooting operations and thus the desire to
login in as root, which normally would be the only user we have configured
to these systems.

When the root login is attempted, the login sequence becomes an endless loop
as follows:

login: root
password: *******
login: (this will repeat forever)

We can create a user account and successfuly use Telnet to log in. But the
intention is to get the root account to work.

Another discovery:

On the machine itself, attempting a login from the prompt behaves in the
same way:

login <CR

login: root
password: *****
login: (etc…)

Again, the root can not login in this manner… ???

Root only seems to have access through ftp. Also, when the machine boots,
there is no login required - the shell seems to automatically get invoked
with the root user and complete system access is available.

I must be missing something simple. Any more suggestions you may have would
be appreciated.

Thanks
Brian

Bill Caroselli @ Q-TPS <> BillCaroselli@Q-TPS.com> > wrote in message
news:9fe4d4$obe$> 1@inn.qnx.com> …
Some people will restrict logins from root in their /etc/profile script.

When someone first logs on, the /etc/profile gets executed. It can check
the login id and terminal and just log you out if it want to.

Have you tried logging in as non-root and then su’ing to root?

“Brian Delsey” <> bdelsey@mindspring.com> > wrote in message
news:9fc690$jpd$> 1@inn.qnx.com> …
Does anyone know of any situations that would restrict the root user to
login to a machine using telnet? I have a few machines on which I can
telnet to and login as root… but I also have a few that will not allow
root to login over telnet… they simply re-display the user prompt
after
entering the root user name and password… in all cases, the machines
can
be reached through ftp using the root account.

\

Brian Delsey <bdelsey@mindspring.com> wrote:

Bill

The machines in question do not have an /etc/profile file. The hardware is
meant to be an embedded system that under normal circumstances would not
have any user interaction. However, we want to be able to use Telnet for
simple maintenance and troubleshooting operations and thus the desire to
login in as root, which normally would be the only user we have configured
to these systems.

When the root login is attempted, the login sequence becomes an endless loop
as follows:

login: root
password: *******
login: (this will repeat forever)

There was a change in encryption method used by QNX4 for encrypting
its passwords in the /etc/shadow. If you have mis-matched password
files and utilities, then you could get this behaviour – ftpd is
compiled against the library that matches your password files, but
telnetd, and login would not be.

Try comparing the dates and checksums of the three utilities (plus
the passwd utility) against a system where everything works.

-David

QNX Training Services
dagibbs@qnx.com