[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Offering external services, rlogins, smtp etc: how does it work?



On Fri, Jul 07, 2000 at 09:02:39AM +0930, Mark Phillips wrote:
> 
> I've heard it said that rlogin has security problems, but I don't
> understand why?  And surely if there are problems, these would be
> fixable?  Isn't Debian supposed to be extra security fix aware?

the r* commands are flawed by design, you cannot fix a flawed design,
only start over and replace it.  

> Now you say to use ssh or telnet, but then say this is just as risky!
> Why not use rlogin if it is no more risky than the alternatives?

no he meant telnet is just as risky, he phrased it badly though.  ssh
is fine just so you configure it properly and don't permit lame
passwords. 

> The point is that I need to offer the functionality of rlogin.  When I
> am elsewhere and I want to do a remote login to my machine, then I
> need rlogin or some equivalent.  If rlogin is currently insecure, why
> don't people make it secure?  What makes it so hard?

people have made rlogin, rsh, and rcp secure, the secure versions have
a new name however:

slogin, ssh, and scp.  all can be found in the ssh package.  


the problem with the r-commands is primarly they transmit everything
including passwords in plain text, allowing the session and all
passwords to be captured.  plain text sessions also allow for session
hijacking.  telnet is guilty of the plaintext problem as well.  

the worse problem with r-commands is they trust remote machines based
on the fact that they open ports below 1024.  they also allow
passwordless authentication from hostnames or IP addresses.  this is
inherently insecure.  (granted you could refrain from doing this) 

the r-commands are also all suid root and must be this way to
function.  the less suid binaries you have the better off you are.
(ssh does not need to be suid, unless you use the rsh backword
compatibility mode) 


overall there is nothing you can do with rlogin, rsh, and rcp that you
cannot do with ssh.  ssh is secure, r* is not.

-- 
Ethan Benson
http://www.alaska.net/~erbenson/

Attachment: pgptLhJHQYm9a.pgp
Description: PGP signature


Reply to: