CentOS / RHEL 6 : How to Disable / Enable direct root login via telnet

By default root is not allowed to login through telnet for security reasons. Passwords are transmitted in plain text when you use telnet. For this reason, the root user is not allowed to connect using telnet by default.

To verify root is disabled we can check the config file /etc/xinetd.d/telnet. When the parameter disable is set to yes, root user can not telnet into the system.

# vi /etc/xinetd.d/telnet
# default: on
# description: The telnet server serves telnet sessions; it uses 
#       unencrypted username/password pairs for authentication.
service telnet
{
        flags           = REUSE
        socket_type     = stream
        wait            = no
        user            = root
        server          = /usr/sbin/in.telnetd
        log_on_failure  += USERID
        disable         = yes
}

Enabling root access

To enable root telnet login edit the /etc/xinetd.d/telnet file and set the disable parameter to no.

# vi /etc/xinetd.d/telnet
# default: on
# description: The telnet server serves telnet sessions; it uses 
#       unencrypted username/password pairs for authentication.
service telnet
{
        flags           = REUSE
        socket_type     = stream
        wait            = no
        user            = root
        server          = /usr/sbin/in.telnetd
        log_on_failure  += USERID
        disable         = no
}

Disabling root access

In case you want to disable the access again, put yes against the disable parameter in the file /etc/xinetd.d/telnet.

# vi /etc/xinetd.d/telnet
# default: on
# description: The telnet server serves telnet sessions; it uses 
#       unencrypted username/password pairs for authentication.
service telnet
{
        flags           = REUSE
        socket_type     = stream
        wait            = no
        user            = root
        server          = /usr/sbin/in.telnetd
        log_on_failure  += USERID
        disable         = yes
}
Related Post