Re: ruserok() & /etc/hosts.equiv

Uwe Ellermann (ellerman@rzdspc2.informatik.uni-hamburg.de)
Wed, 4 May 94 11:11:46 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Carl Corey: "RSA Broken?"
Previous message: Walker Aumann: "Re: ruserok() & /etc/hosts.equiv"
Maybe in reply to: Walker Aumann: "ruserok() & /etc/hosts.equiv"
Next in thread: Wietse Venema: "Re: ruserok() & /etc/hosts.equiv"

> From: Walker Aumann <walkera@druggist.gg.caltech.edu>
>
> It seems that the only breakage is that if there is a '+' in the hosts.equiv
> file, it ignores users' .rhosts files, except that rlogin and rsh let people
> in from any host as long as the same username is used.  Now, I think that it
> would be great to have the option of turning off .rhosts usage, rather than
> having to police every user's .rhosts file, but this isn't it.
> 

There is the "-l" option in the BSD sources, which does exactly this...

...but it's not supported on Sun and DEC UNIX. 
It is in AIX (according to the man-page).

To install this feature on SunOS, this is roughly what I have done:
1) got the BSD sources (available via anonFTP from ?)
2) compiled rlogind.c and rcmd.c (for ruserok())
3) installed with -l option

This works for SunOS 4.1.x.
On SunOS 5.3 I use a modified source from Wietse Venema's logdaemon-4.1
(FTP: ftp.win.tue.nl or  
      ftp.informatik.uni-hamburg.de: /pub/security/tools/net/logdaemon).

	Uwe

Next message: Carl Corey: "RSA Broken?"
Previous message: Walker Aumann: "Re: ruserok() & /etc/hosts.equiv"
Maybe in reply to: Walker Aumann: "ruserok() & /etc/hosts.equiv"
Next in thread: Wietse Venema: "Re: ruserok() & /etc/hosts.equiv"