graywolf Posted May 12, 2012 Share Posted May 12, 2012 Is there a limit on number of telnet or root logins? And if so, where/how do you increase it? Able to open 8 telnet sessions logged in as root, the 9th opens to the login prompt but get Login incorrect after I put in the password. If I end one of the other telnet sessions and reenter login info in other session, it lets me in. Quote Link to comment
graywolf Posted May 12, 2012 Author Share Posted May 12, 2012 Additional info from syslog: May 12 09:10:19 Tower login[3311]: ILLEGAL ROOT LOGIN on '/dev/pts/8' from '192.168.1.103' Quote Link to comment
Joe L. Posted May 12, 2012 Share Posted May 12, 2012 Additional info from syslog: May 12 09:10:19 Tower login[3311]: ILLEGAL ROOT LOGIN on '/dev/pts/8' from '192.168.1.103' To fix this, you need to add additional lines to the /etc/securetty file. In your config/go script, add the following lines: echo "pts/8" >>/etc/securetty echo "pts/9" >>/etc/securetty After you reboot you'll then gain the ability to log in as root via two more telnet sessions. (telnet sessions use the /dev/pts/X devices) Right now, there are only 8 "pts" devices allowed to be used to root logins. (and for 99.99% of us, that is more than enough) Joe L. Quote Link to comment
graywolf Posted May 12, 2012 Author Share Posted May 12, 2012 Thanks Joe Usually don't open that many sessions but was doing another verification (reiserfsck --check) on my drives before going from 2TB parity drive to 3TB parity drive. So I had done 5 drives yesterday, and doing the other 9 today. Well 2 drives are finished so have started the --check on the last drive. Quote Link to comment
JonathanM Posted May 13, 2012 Share Posted May 13, 2012 I gotta ask, is there something I'm missing here that using the screen command doesn't work for you? Or does the screen command actually use up the sessions too? I've never tried opening more than 3 or 4 screen sessions at once, so I don't know. Quote Link to comment
graywolf Posted May 13, 2012 Author Share Posted May 13, 2012 Habit. Don't have screen at work, so just used to multiple putty sessions. Quote Link to comment
nars Posted March 10, 2014 Share Posted March 10, 2014 Sorry to bump this old topic, but I did found similar problem this morning and would like to leave a note here for others that eventually get same issue and find this topic, like I did... replying jonathanm question above, yes it seems screen uses sessions as well, in fact I had 0 telnet sessions running but some 10 screen sessions running and was unable to login one single telnet session, also getting ILLEGAL ROOT LOGIN on the log, however (fortunately) ssh worked fine. Quote Link to comment
JonathanM Posted March 10, 2014 Share Posted March 10, 2014 Sorry to bump this old topic, but I did found similar problem this morning and would like to leave a note here for others that eventually get same issue and find this topic, like I did... replying jonathanm question above, yes it seems screen uses sessions as well, in fact I had 0 telnet sessions running but some 10 screen sessions running and was unable to login one single telnet session, also getting ILLEGAL ROOT LOGIN on the log, however (fortunately) ssh worked fine. So, you are saying it's possible to get into a situation where you can't login via telnet to resume a screen session that was successfully started via a previous telnet session? If so, that's a little scary, as it's rather inconvenient to get a local console on my main server. I would have thought the telnet session you used to start the new screen instance would keep the extra screen from starting if there weren't enough devices to service it. Another good reason to have SSH available. Quote Link to comment
nars Posted March 10, 2014 Share Posted March 10, 2014 I'm not fully sure about details, but yes, at morning I did got in a situation that the only way to log into the server was ssh, telnet was just impossible to login until I closed some screen sessions. I can't find a limit on screen sessions, apparently... but seems that after some few are used telnet doesn't work anymore, not a problem for screen or ssh though. Edit: I did some quick testing with this again and found that indeed ssh and screen seems to have no problems to get sessions on something like pts/15, pts/16, etc... (and I didn't touched /etc/securetty), but telnet seems to really refuse connection if there is not a free pts/0 to pts/7, then a way to get fully "locked" from telnet (probably what happened to me at morning, and now again on my testing) is: - open a telnet/ssh session, it will get on pts/0 - open at least 7 screen sessions taking pts/1 to pts/7 - open a new telnet/ssh session, it will get on pts/8 - close the 1st telnet/ssh session, will free up pts/0 - using the other telnet/ssh session open one more screen session, it will get the pts/0 one At this point you have pts/0 to pts/7 all taken by screen sessions, now it's just impossible to login using telnet, the only way is ssh... Anyway I think an user that only really uses telnet should not be able to be in such a lock situation, because he should always have at least one free pts, the one he used to login initially, even if he disconnect/reconnect he should get on that same pts (unless there is some script or something creating screen sessions while he is not logged)... another issue may be if one telnet connection get's "stuck" by some network issue or something, guess may get him on similar lock situation eventually as that pts will get wrongly taken by the "ghost" connection... Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.