Telnet by root permission
youhaodeyi
2007-05-24, 07:20 PM CDT
I start up the telnet server on a Fedora machine. The configuration file "/etc/xinit.d/telnet" is:
service telnet
{
        disable         = no
        flags           = REUSE
        socket_type     = stream
        wait            = no
        user            = root
        server          = /usr/sbin/in.telnetd
        log_on_failure  += USERID
}
I can only telnet to this machine as other users, not as root. How can I telnet to this server as root?
Thanks
marcrblevins
2007-05-25, 12:12 AM CDT
I will not answer your question. Others would do the same? No one ever wants to telnet as root on any OS. Very, very unsafe. Prefer to use ssh. Open port 22 in iptables and use secure shell.
marcrblevins
2007-05-25, 12:13 AM CDT
Round #2
telnet in as your normal user, then type:
su -
youhaodeyi
2007-05-25, 01:07 AM CDT
I want to know how the telnet server works. I have seen that some systems can be telnetted into as root, so I want to know how to do that.
Ric-O-Matic
2007-05-26, 02:19 AM CDT
Telnet access is controlled by PAM with the file /etc/pam.d/login.
The first line of this file shows
auth required pam_securetty.so
pam_securetty.so uses the file /etc/securetty, which lists the ttys from which root can log in.
I will not answer your question. Others would do the same? No one ever wants to telnet as root on any OS. Very, very unsafe. Prefer to use ssh. Open port 22 in iptables and use secure shell.
I think that security is better when you know how it works.
Round #2
telnet in as your normal user, then type:
su -
Why is su - better than direct login?
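The check Ric-O-Matic describes above, written out as an added audit example that is not part of the original thread: it reads the xinetd telnet file from the first post, the pam_securetty line, and the contents of /etc/securetty, and reports whether a root login over telnet would pass the tty check. It assumes telnet sessions arrive on pseudo-terminals named pts/N; the securetty samples and all function names are constructed for illustration.

```python
import re

# xinetd service file as posted at the top of this thread
XINETD_TELNET = """service telnet
{
disable = no
flags = REUSE
socket_type = stream
wait = no
user = root
server = /usr/sbin/in.telnetd
log_on_failure += USERID
}"""
PAM_LOGIN = "auth required pam_securetty.so\n"  # line quoted in the post above
# Constructed securetty samples (not taken from any real host)
SECURETTY_LOCAL = "console\ntty1\ntty2\n"
SECURETTY_WITH_PTS = "console\ntty1\n# added for remote root\npts/0\npts/1\n"

def service_enabled(xinetd_text):
    """xinetd runs a service unless its block says 'disable = yes'."""
    m = re.search(r"^\s*disable\s*=\s*(\S+)", xinetd_text, re.M)
    return not (m and m.group(1).lower() == "yes")

def securetty_enforced(pam_text):
    """True if an uncommented auth line runs pam_securetty.so with a denying control."""
    pat = re.compile(r"^\s*auth\s+(\[[^\]]*\]|\S+)\s+(\S*pam_securetty\.so)\b")
    for line in pam_text.splitlines():
        m = pat.match(line)
        if m:
            ctl = m.group(1)
            return ctl in ("required", "requisite") or "default=bad" in ctl or "default=die" in ctl
    return False

def listed_ttys(securetty_text):
    """Terminal names in securetty, skipping blank lines and comments."""
    lines = (l.strip() for l in securetty_text.splitlines())
    return [l for l in lines if l and not l.startswith("#")]

def audit_root_telnet(xinetd_text, pam_text, securetty_text):
    """Return (root_login_possible, reason); securetty_text=None means the file is absent."""
    if not service_enabled(xinetd_text):
        return False, "telnet disabled in xinetd"
    if not securetty_enforced(pam_text):
        return True, "pam_securetty is not enforced in the login stack"
    if securetty_text is None:
        return True, "securetty missing: pam_securetty then accepts root on any tty"
    pts = [t for t in listed_ttys(securetty_text) if t.startswith("pts/")]
    if pts:
        return True, "securetty lists pseudo-terminals: " + ", ".join(pts)
    return False, "root is limited to the local ttys in securetty"
```

The audit covers only the files named in this thread; a verdict of False means the tty check would refuse root, not that the telnet service itself is safe to expose.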
youhaodeyi
2007-05-27, 07:10 PM CDT
I read the files /etc/pam.d/login and /etc/securetty on two systems (one can be logged into as root, the other can't). But they are exactly the same. So I think these two files can't control the access permission of telnet.
pedromatiello
2007-05-27, 10:21 PM CDT
Why is su - better than direct login?
One argument is that an attacker will have to discover/brute-force two passwords instead of one. A regular user password and, then, the root password. Also, root is an obvious try for someone trying to hack into a Linux system; by not allowing a root login, you force the attacker to discover a valid username (not really unbreakable security, but every bit helps).
But take care with telnet. Unless the connection occurs within a trusted network (i.e. not the internet), you should use ssh. Telnet is not encrypted and all your communication will occur in plaintext; this is bad because someone listening to the network can discover your passwords and gain access to your system really fast.
For the sake of completeness, you can encrypt a telnet session by running it through an ssh tunnel; but then you could use just ssh instead (unless you really need telnet for some app that doesn't like ssh's terminal emulation).
youhaodeyi
2007-05-27, 10:26 PM CDT
How do you use ssh to access a system?
pedromatiello
2007-05-27, 10:45 PM CDT
How do you use ssh to access a system?
Basically, you run sshd (the ssh server) at the machine you want to access. Then, you type "ssh username@address" at the client machine like you do with telnet.
A tutorial by Firewing1 for configuring many servers, including ssh, can be read here: http://forums.fedoraforum.org/showthread.php?t=94257&highlight=ssh+server
For a better understanding of what ssh is, check this link: http://old.cpsc.ucalgary.ca/Help/internet/ssh/intro.html
stevea
2007-05-28, 06:49 AM CDT
I read the files /etc/pam.d/login and /etc/securetty on two systems (one can be logged into as root, the other can't). But they are exactly the same. So I think these two files can't control the access permission of telnet.
Well, they do! Maybe someone doctored the links in /lib/security. There are many bad ways to hack up local security. You can "trace -f" the telnetd and see exactly what it is doing.