[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-users] Shell access: Disabling Telnet
- Subject: [cobalt-users] Shell access: Disabling Telnet
- From: "Tim Bolt" <timbolt@xxxxxxxxxxx>
- Date: Thu Jun 7 05:32:02 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
Hello!
Now I am fairly certain I know the answers to most of the following questions, but am hoping to get confirmaton from those of you with more knowledge...
1) The option to enable Telnet for a user is really the option to enable shell access, whether it be via telnet or ssh.
2) Hence commenting out the telnet line in inetd.conf will not affect who has shell access, merely that they will have to use ssh to access the box. (There is only one other person beside me with with shell access anyway, so a bit of a non-issue. We both use and have used ssh for a while.)
Hence the Cobalt siteadmin GUI telnet setting for a user IS still relevant.
3) Having telnet open on port 22 is a danger in and of itself; not just the use of it (i.e. the availability of the port and not just the unencrypted communications).
i.e.: would having telnet, but not having anyone use it pose a significantly higher risk than disabling it?
I know it is an extra port for a port scanner to hit, how relevant is that?
4) What if SSH goes 'wonky'? As mentioned in:
http://list.cobalt.com/pipermail/cobalt-users/2000-October/022643.html
this can be a costly issue to reboot then! SHould I not relay on SSH and rely on a "no-use" policy for telnet?
Many thanks!
Tim
------------------------------------------------------------
--== Sent via Deja.com ==--
http://www.deja.com/