Re: trusted hosts in a network
Andy Spiegl wrote:
>Hi again,
>
>I've got a mini network with two debian machines, and would like
>to set them up so that all users can login from one machine to
>the other without being asked for a password. I know I could
>use .rhosts files for this, but that requires every user to set
>it up. I would like a global solution.
>
>I found the man page about hosts.equiv:
>
> The hosts.equiv file allows or denies hosts and users to
> use the r-commands (e.g. rlogin, rsh or rcp) without sup
> plying a password.
>
>But I can't seem to set it up correctly. I tried
>+mpci
>
>on one machine and
>+mpcii
>
>on the other (yes, those two are the host names), and I even
>tried a single '+', but I still get the password prompt.
>I just don't see what's wrong? Help, please!
1. It should be enough just to list the machine names; the `+' is
unnecessary. I use the full machine and domain name, but I'm not
sure if this is actually necessary.
2. The man page for rlogind says that it is possible to turn off the
use of /etc/hosts.equiv or ~/.rhosts with the option `-L'.
3. If you are logged in as root, you can't use /etc/hosts.equiv. You
can't use ~/.rhosts either unless rlogind is also invoked with `-h'.
(That is how I interpret the man page for rlogind.)
You don't want to use `-h' if your network has any exposure to the
outside world!
--
Oliver Elphick Oliver.Elphick@lfix.co.uk
Isle of Wight http://lfix.co.uk/oliver
PGP key from public servers; key ID 32B8FAA1
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: