Security

1 Logins

1.1 Background info

Prerequisite: Root filesystem must be read-write

By default, passwordless login to the box via telnet is possible for three users:
root
nobody
default

1.2 Secure the box

To secure the box, assign passwords or disable logins.

Create home directory: mkdir /root
In /etc/passwd set the home directory of root to /root
e.g.
root::0:0:root:/root:/bin/sh

Use the command 'passwd' to change the password. Afterwards, check that there is a value between the 1st and 2nd ':' of the root entry in /etc/passwd.

/ # passwd
Changing password for root
Enter the new password (minimum of 5, maximum of 8 characters)
Please use a combination of upper and lower case letters and numbers.
Enter new password:
Re-enter new password:
Password changed.

/ # cat /etc/passwd | grep "root:"
root:$1$N0m32sY9$PcSg7FffgPTcSLSQq7kKF.:0:0:root:/root:/bin/sh

Disable login for the users default and nobody:
replace <username>:: with <username>:x: to disable the login (this basically sets an unknown password)

In summary, the changes to /etc/passwd would look like this, for example:

root:<some_pw_string>:0:0:root:/:/bin/sh
nobody:x:99:99:nobody:/:/bin/sh
default:x:1000:1000:Default non-root user:/:/bin/sh

To be safe, test the telnet login with those users.
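
The check on the password field can also be scripted before the telnet test. The following is an added example, not part of the original page: it classifies every account by its second field and lists any that still allow passwordless login. The function names and sample lines are constructed for illustration, and it assumes the hashes are stored in /etc/passwd itself (no /etc/shadow), as in the root entry shown above.

```shell
# Added example, not from the original page. Assumes the hashes live in
# /etc/passwd itself (no /etc/shadow), as in the root line shown above.

# classify_passwd: read passwd lines on stdin, print "<user> <status>".
#   EMPTY     password field is empty: login without a password
#   LOCKED    field is x, * or starts with !: no password can match
#   HASH      field holds a password hash
#   MALFORMED line does not have 7 colon-separated fields
classify_passwd() {
    awk -F: '
        /^[ \t]*(#|$)/ { next }                 # skip comments and blanks
        NF != 7  { print $1, "MALFORMED"; next }
        $2 == "" { print $1, "EMPTY"; next }
        $2 == "x" || $2 == "*" || $2 ~ /^!/ { print $1, "LOCKED"; next }
        { print $1, "HASH" }
    '
}

# passwordless_users: print accounts with an empty password field.
# Returns 1 if any exist, 0 if none.
passwordless_users() {
    found=$(classify_passwd | awk '$2 == "EMPTY" { print $1 }')
    [ -z "$found" ] && return 0
    printf '%s\n' "$found"
    return 1
}

# Constructed sample: the three default accounts with no password set.
sample_default() {
    cat <<'EOF'
root::0:0:root:/root:/bin/sh
nobody::99:99:nobody:/:/bin/sh
default::1000:1000:Default non-root user:/:/bin/sh
EOF
}

# Sample after the changes, using the lines shown on this page.
sample_secured() {
    cat <<'EOF'
root:$1$N0m32sY9$PcSg7FffgPTcSLSQq7kKF.:0:0:root:/root:/bin/sh
nobody:x:99:99:nobody:/:/bin/sh
default:x:1000:1000:Default non-root user:/:/bin/sh
EOF
}

# Demo on the samples; on the box itself: passwordless_users < /etc/passwd
sample_default | classify_passwd
sample_secured | passwordless_users && echo "no passwordless accounts"
```

A MALFORMED result is worth fixing before logging out, since a damaged /etc/passwd line can lock out the account it belongs to.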

Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License