Re: hosts.equiv ignored after pam updates? (rsh/rlogin)
On Tue Sep 11 2007 at 10:37 PM -0700, Bill Brelsford wrote:
> After a recent update to sid, incoming rlogin and rsh connections
> ignore /etc/hosts.equiv (and ~/.rhosts) and ask for a password or
> fail with "permission denied". The rsh-server (and -client)
> packages were not updated, but libpam-modules, libpam-runtime and
> libpam0g were upgraded to 0.99.7.1-4. I'm not sure one of them is
> the culprit (and see no new bugs filed for them), but pam is
> involved in the authentication process.
>
> Is this a known problem? Anyone else experiencing it?
On Thu Sep 13 2007 at 05:20 PM +0200, Lewis, James M. wrote:
> I have the same problem and have not been able to pick
> through it yet. Like you, I suspect a change in a pam
> module. There are only a few to check but I have not
> had time to do it yet. Look in /etc/pam.d/rsh...
I did, but didn't go quite far enough. The problem seems to be
/lib/security/pam_rhosts_auth.so -- replacing it with the old
version fixes it. I'll file a bug against libpam-modules.
Thanks!
--
Bill Brelsford
k2di2@att.net
Reply to: