how to read root mail from other machine on secure lan

Rick Stevens rstevens at vitalstream.com
Mon Jan 22 17:48:24 UTC 2007


On Mon, 2007-01-22 at 10:04 +0700, Budi Febrianto wrote:
> I never read root emails as root. I forward all root emails to another 
> user account.
> 
> Budi Febrianto
>     indomino.blogpsot.com
> 
> Ralph E. Kenyon, Jr. wrote:
> > Hi,
> > 
> > I'm trying to figure out how to allow access to my root mail account using
> > a pop email client on another machine on my LAN.
> > 
> > I can check the mail for another user on my Redhat 9 linux box, but not 
> > root.
> > Authentication fails.
> > 
> > I have managed to allow telnet login to root, but this did not work for
> > the mail account.
> > 
> > Can anyone give me any suggestions?

There are several issues.  First off, by default RHEL doesn't allow root
access over the network--only on the console.  To change that (and I do
NOT recommend this for security reasons), edit /etc/securetty.  It
contains a list of the ttys that root IS allowed to log in on.

Second, NEVER, EVER, EVER use telnet!  It is completely insecure.
Usernames, passwords and ALL data are sent over the net in cleartext.
Use ssh instead.  And even using ssh, never log in as root.  Log in as a
normal user, then use "su -" to become root.

Third, the POP server (dovecot) by default doesn't allow access by users
with UIDs less than 500.  Look at the /etc/dovecot.conf file for
details.
----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer     rstevens at vitalstream.com -
- VitalStream, Inc.                       http://www.vitalstream.com -
-                                                                    -
-          su -; find / -name someone -exec touch \{\} \;            -
-                          - The UNIX way of touching someone        -
----------------------------------------------------------------------
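
The three points in the reply above (and the forwarding suggestion quoted in it) can be checked on a host with a short audit script. This is an added example, not part of the original thread: `first_valid_uid` is Dovecot's setting for the UID floor the reply mentions, `/etc/aliases` as the place root mail is forwarded is an assumption, and the sample file contents are constructed.

```shell
#!/bin/sh
# Added example (not from the original post): audit the three settings the
# reply discusses. File paths are arguments so copies can be checked.

# Network pseudo-terminals (pts/N) listed in a securetty file; any hit means
# root may log in over telnet.
securetty_network_ttys() {
    sed -n -E 's/^[[:space:]]*(pts\/[0-9]+)[[:space:]]*$/\1/p' "$1"
}

# Effective first_valid_uid in a dovecot.conf. Assumptions: the last
# uncommented assignment wins, and 500 (the default the reply cites) applies
# when the setting is absent.
dovecot_first_valid_uid() {
    uid=$(sed -n -E 's/^[[:space:]]*first_valid_uid[[:space:]]*=[[:space:]]*([0-9]+).*$/\1/p' "$1" | tail -n 1)
    echo "${uid:-500}"
}

# Target of the root alias in an aliases file; empty if root mail stays in
# root's own mailbox.
root_alias_target() {
    sed -n -E 's/^root[[:space:]]*:[[:space:]]*([^[:space:]].*)$/\1/p' "$1" | tail -n 1
}

# audit SECURETTY DOVECOT_CONF ALIASES: print one WARN line per finding.
audit() {
    ttys=$(securetty_network_ttys "$1" | tr '\n' ' ')
    [ -z "$ttys" ] || echo "WARN securetty: root login allowed on ${ttys% }"
    [ "$(dovecot_first_valid_uid "$2")" -gt 0 ] ||
        echo "WARN dovecot: first_valid_uid=0 lets root authenticate over POP"
    [ -n "$(root_alias_target "$3")" ] ||
        echo "WARN aliases: root mail is not forwarded to another account"
    return 0
}

# Constructed sample files: a weakened host, as in the original question.
demo() {
    d=$(mktemp -d)
    printf 'console\ntty1\npts/0\npts/1\n' > "$d/securetty"
    printf '#first_valid_uid = 500\nfirst_valid_uid = 0\n' > "$d/dovecot.conf"
    printf 'postmaster: root\n#root: marc\n' > "$d/aliases"
    audit "$d/securetty" "$d/dovecot.conf" "$d/aliases"
    rm -rf "$d"
}

if [ "$#" -eq 3 ]; then audit "$@"; else demo; fi
```

Run with three file paths to audit a real host; with no arguments it audits the constructed samples and prints all three warnings.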



