Re: Bug#81396: root shell fscked after upgrade to woody

To: debian-devel@lists.debian.org
Subject: Re: Bug#81396: root shell fscked after upgrade to woody
From: "Vince Mulhollon" <vlm@norlight.com>
Date: Mon, 8 Jan 2001 09:18:46 -0600
Message-id: <[🔎] OFB0815166.A3C9BDC3-ON862569CE.0052E4DA@norlight.com>

The reason for installing ssh in this case was for troubleshooting,
although higher security would be a positive side effect.

He reports trouble from an unknown source, and telnetd is "involved".
Installing ssh would allow comparisons of the failure modes with different
network login clients.

If it failed with telnetd and worked with ssh, well then that would isolate
the problem to something related to telnetd.

If it failed with telnetd and failed with ssh, then the problem is probably
not the the telnetd package (although there are possibilites)

rsh could be used in a similar troubleshooting manner, although a side
effect of installing rsh would probably be lower security rather than
higher...

Some people ask why and/or complain Debian has more than 1 package that can
provide "Q" where Q is webserving or DHCPing, or BIND versions, or
whatever.  I think the ability to troubleshoot problems by trying alternate
programs is an excellent reason to have "multiple packages doing the same
thing".

                    Craig Sanders                                                                                   
                    <cas@taz.net.        To:     "Eray Ozkural (exa)" <erayo@cs.bilkent.edu.tr>,                    
                    au>                  81396@bugs.debian.org                                                      
                                         cc:     (bcc: Vince Mulhollon/Brookfield/Norlight)                         
                    01/06/2001           Fax to:                                                                    
                    11:36 PM             Subject:     Bug#81396: root shell fscked after upgrade to woody           
                    Please                                                                                          
                    respond to                                                                                      
                    Craig                                                                                           
                    Sanders;                                                                                        
                    Please                                                                                          
                    respond to                                                                                      
                    81396                                                                                           

On Sun, Jan 07, 2001 at 04:38:10AM +0200, Eray Ozkural (exa) wrote:

> We use telnet here because this is a diverse university network; we
> can't force people to run ssh and any moron could go root on this
> machine if he really wanted to.

why not?

the most you'd have to do is put up a single web page with links to
local copies of ssh clients for various platforms...and optionally
replace telnetd with a script (or tcp-wrapper's "twist" capability)
which printed a message displaying the URL and advising the user to
install an ssh client. telnet problem solved with a minimum of user
support calls.

there's really no excuse for running (non-ssl) telnetd any more. good
free ssh clients are available for just about every operating system.

craig

--
craig sanders

--
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org

Reply to:

Prev by Date: Re: ITP: mboxgrep -- Grep through mailboxes
Next by Date: Re: Compiling 2.0.38 kernel
Previous by thread: Re: Bug#81396: root shell fscked after upgrade to woody
Next by thread: [authorization] fails silently for normal users, cannot start server
Index(es):
- Date
- Thread