On Wed, 6 Sep 2000, Josef Wells wrote:
> I want to open my machine up to any and all rshing. I do not want anyone
> from any machine to be asked for a password on my machine if the rsh. How
> should I set up my /etc/pam.d/rsh file?
question 1: is your machine connected to the internet?
question 2: do you fancy the idea of providing horribly insecure,
plaintext, remote access to your internet connected machine?
if the answer to the first question is no, it isn't *quite* as bad of an
idea to use rsh, but still Not Good :) firewalls are not perfect, etc..
etc.. etc..
install openssh from www.openssh.com
run ssh-keygen, this will generate private and public keys, by default as
~/.ssh/identity and ~/.ssh/identity.pub.
append the identity.pub (public key) file to ~/.ssh/authorized_keys on
each host (using cat identity.pub >> authorized_keys).
copy the identity file (private key) to the same location on each machine
that will remotely access your box.
this will allow you to ssh to each host w/o a password challenge (as long
as you leave the passphrase blank) without being blatantly insecure.
otherwise, you can just add hostnames to /etc/rhosts.equiv (IIRC) or
~/.rhosts (to allow access specifically from that user on remote
machines).
As I said before, this is blatantly, violently insecure.. it's a nasty way
to allow remote access and generally a Bad Idea. you have been warned :)
> I cannot just add an /etc/hosts.equiv because this whole network is NISed
> and NFSed out the ying yang.
IIRC, you can specify *which* files NIS should share, perhaps hosts.equiv
shouldn't be one of them..
have fun!
-Justin
------------------------------------
Justin Ryan - [EMAIL PROTECTED]
Linux Education, TeamLinux Corp.
http://www.team-linux.com
---------------------------------------------------------------------------
Send administrative requests to [EMAIL PROTECTED]
