Re: RedHat 6.0 Root Remote Login
In article <cistron.Pine.LNX.4.10.9907092350380.13760-100000@pixel.pixelfusion.co.uk>,
Gordon Henderson <gordonh@pixelfusion.co.uk> wrote:
>Theres lots of excellent reasons to want to do it though. Eg. I want to
>copy a file to a dozen other Linux boxes and now I have to use scp which
>is a lot slower than rcp. Recently I had to move 20GB's of data from one
>machine to another - in the past, I'd have used rsh, dump & restore. Had
>to use ssh which encrypted everything and ran really really slow. I was
>not impressed when I found out that the powers that be behind Debian had
>crippled this very usefull feature. There are worse security holes in
>systems and I don't think that .rhosts in the /root directroy is one of
>them.
It's not crippled, it's just turned off by default. By the upstream
package, if I'm not mistaken, so it's not a "debian" thing (correct
me if I'm wrong). It's very easy to turn it back on again.
Read man rshd(8):
8. Rshd then validates the user using ruserok(3), which uses the file
/etc/hosts.equiv and the .rhosts file found in the user's home di
rectory. The -l option prevents ruserok(3) from doing any validation
based on the user's ``.rhosts'' file (unless the user is the supe
ruser and the -h option is used.) If the -h option is not used, su
peruser accounts may not be accessed via this service at all.
As you can see, you need to add '-h' to the invocation of rshd
through inetd by editting /etc/inetd.conf and you can use rsh as
root again.
Mike.
--
Beware of Programmers who carry screwdrivers.
Reply to: