Re: trusted hosts in a network
According to Oliver Elphick <email@example.com>:
> Andy Spiegl wrote:
> >I found the man page about hosts.equiv:
> > The hosts.equiv file allows or denies hosts and users to
> > use the r-commands (e.g. rlogin, rsh or rcp) without sup=AD
> > plying a password.
> >But I can't seem to set it up correctly. I tried
> >on one machine and
> >on the other (yes, those two are the host names), and I even
> >tried a single '+', but I still get the password prompt.
> >I just don't see what's wrong? Help, please!
> 1. It should be enough just to list the machine names; the `+' is
> unnecessary. I use the full machine and domain name, but I'm not
> sure if this is actually necessary.
> 2. The man page for rlogind says that it is possible to turn off the
> use of /etc/hosts.equiv or ~/.rhosts with the option `-L'.
> 3. If you are logged in as root, you can't use /etc/hosts.equiv. You
> can't use ~/.rhosts either unless rlogind is also invoked with `-h'.
> (That is how I interpret the man page for rlogind.)
> You don't want to use `-h' if your network has any exposure to the =
That's how I understand the man page, too. I tried your suggestion
of leaving out the '+', but the behavior didn't change. Then I read
(I think in hosts.equiv man page) that everything may be different,
when PAM is installed. I checked and yes, I have PAM, because SAMBA
needs that. I tried to understand how to configure PAM so it would
let me log in w/o password, but there is not a whole lot of docu-
mentation and that didn't help me. :-(
Does anyone else know enough about PAM to help me there?
Or maybe I am wrong and it's not a PAM question after all?
Andy Spiegl, University of Technology, Muenchen, Germany
E-Mail: spiegl@Appl-Math.TU-Muenchen.de OR: Andy.Spiegl@WriteMe.com
PGP fingerprint: B8 48 24 7B DB 96 6F 1C D9 6D 8E 6C DB C2 E7 E9
o _ _ _
--------- __o __o /\_ _ \\o (_)\__/o (_)
------- _`\<,_ _`\<,_ _>(_) (_)/<_ \_| \ _|/' \/
------ (_)/ (_) (_)/ (_) (_) (_) (_) (_)' _\o_
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
Trouble? e-mail to firstname.lastname@example.org .