-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday 15 August 2003 02:49, you wrote: > Se da: > RH 7.3 cam default, inclusiv rsh-server-0.17-5. > /etc/xinet.d/rlogin este cel implicit; /etc/hosts.equiv contine un "+". > /etc/pam.d/rlogin arata asa: > #%PAM-1.0 > # For root login to succeed here with pam_securetty, "rlogin" must be > # listed in /etc/securetty. > auth required /lib/security/pam_nologin.so > auth required /lib/security/pam_securetty.so > auth required /lib/security/pam_env.so > auth sufficient /lib/security/pam_rhosts_auth.so promiscuous > auth required /lib/security/pam_stack.so service=system-auth > account required /lib/security/pam_stack.so service=system-auth > password required /lib/security/pam_stack.so service=system-auth > session required /lib/security/pam_stack.so service=system-auth > > > Problema: indiferent ce ar fi in ~/.rhosts accesul fara parola este > permis numai daca username e acelasi pe masina asta si pe host-ul de la > care se face conectarea. Nu a mers nici macar cu "+ +" in ~/.rhosts. > Merge in schimb fara ca ~/.rhosts sa existe macar, daca userul e acelasi > (evident e din cauza lui hosts.equiv). Sau altfel spus, comportamentul e > tipic pt ignorarea lui .rhosts. > > Se cere: care e cauza (si eventual cum se remediaza - fara a fi root pe > masina cu problema) ?
1. rlogind verifica mai intai existenta fisierului /etc/hosts.equiv. Daca exista dar nu face nici un match cu userul sau hostname-ul care initiat comenzile remote atunci cauta $HOME/.rhosts 2. fisierele .rhosts si hosts.equiv intotdeauna tb sa aiba 600 3. daca root initiaza comenzi remote atunci fisierul hosts.equiv este ignorat si este citit numai .rhosts - -- Cu respect/Best Regards, Adrian Mazarache Public key: http://london.forte.ro/mazasign.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) iD8DBQE/PKCxEbm/AUY3ZdkRAuKGAKCVAGakHoWQA0AEoN7UwbJhDZklZwCfZrgc RJFxDnlU7PUDjtdblIyvU5I= =2CLi -----END PGP SIGNATURE----- --- Detalii despre listele noastre de mail: http://www.lug.ro/
