I finally got Bastille shut off after it basically locked me out of my server. Got a friendly sysad to help but I don't want to press my luck.

Seems even though Bastille is down, SSH has been disabled and I can't login via root directly. I have to su - to it. So I FTPed in and now I have to figure out how to su back to root so I can edit some config files.

Anybody have any insight?

abrazell

Unfortunely FTP doesn't use normal user accounts, it uses other ones,

Originally posted by roly
Unfortunely FTP doesn't use normal user accounts, it uses other ones,

I've found that much more often than not, ftpd's are setup to use user accounts, and that its somewhat uncommon for other setups...just my experience though.

Anyways, back on topic... :o Abrazell, I don't think there are any ftpd's that can do that...it would be pretty pointless, not to mention a security risk, and that's not counting that ftp is generally done unencrypted. Though your server shouldn't allow it, you could try ftping using root, but you better change your root pass right after you do. Btw what could you do using just ftp?

On second thought, just get the support staff to fix it :stickout

ask your server provider to switch of ipchains or iptables (depends what you are running) so you can access your server and re-configure firewall....

This is the only way

Chances are you are running an insecure kernel and/or services, so just remotely root your own box, or get some blackhats to do it for you :D

Otherwise, I trust you have either the Telnet or the SSH daemon to start on boot, so perhaps requested a powercycle?

did your server come with a control panel? if so you might be able to enable telnet/ssh from there.

I use SecureCRT for ftp via root. When I have a bunch of files to delete I dont want to sit there doing rm -rf blah all day. I login with this and just click a few things and its all gone. It's ftp over ssh. It's called sftp and it is very helpful. Just as secure as ssh.

good info guys.

I guess my problem is, all I can do via FTP is login as admin. I can't get back to root to do anything. If I could I'd change my password right away and if I could find a blackhat I'd try to get him to get me in... :dgrin:

Anyways, I'll keep on lookin...

abrazell