[sf-lug] problem with callback on embedded linux box

jim stockford jim at well.com
Mon Oct 23 08:48:49 PDT 2006

Here's what i think is an interesting problem. Some one
elsewhere asks:
Does anyone have experience with callback on Linux with mgetty?

I'm trying to get it working on a Cyclades console server box that has 
imbedded Linux. I can get the callback to work, but I want to turn off 
direct dial in.

Currently the way it works is you have a user in 
/etc/mgetty/login.config. If you call into the box and enter that name 
(the default is cbuser) it will hang up and call you back at the number 
associated with that user. That works fine.

The problem is if you enter any other user with a login in etc/passwd, 
like root, you are prompted for a password and you're logged in. Since 
this box will sit on the customer's network, if someone gets in, they 
can go anywhere, not to mention accessing the router/switches that this 
box is connected to.

This is a major security issue and if a solution is not found by the 
vendor or myself, I will have to start looking for a different console 
server solution that will work.

Here's a description of how it works, but they don't address the dialin 


(for those that haven't seen my posts in MS Windows or Networking, I 
inherited this project and they already had evaluation units from 

More information about the sf-lug mailing list