Dear Madams and Sirs, we have here a small, trusted network (with trusted users) that consists of a heterogenous (i.e., Suse, Redhat, Solaris) set of machines and operates a common, unified file system (w/ autofs and nis). We also would like to provide a convenient mechanism to remotely login to the various machines. This is especially important for shell scripts which have to run various parts of our process on different machines which have different sets of softwa After an internal evaluation, we came to the conclusion that rsh/rlogin is a better solution than ssh. Ssh comes with an overhead about authentification that is not justified in our small, trusted network. Also its encryption limits its performance. e.g., when transferring large amounts of data through remote copy or pipes. We also don't like to switch off these mechanisms in ssh because we still would like to use a strongened ssh for connections outside our network. If we were selectively switching off ssh's security mechanisms, we would see a risk that we would introduce wholes in our security system (mainly because of human-cause configuration errors). We would like to keep rsh and ssh separated. My favorite solution would be to use /etc/hosts.equiv, e.g.

+@catnet in order to enable for the whole netgroup. (fyi. ypmatch -k catnet netgroup yields: catnet (veltins,,) (holsten,,) (spaten,,) (andechs,,) (becks,,) (paulaner,,) Then, I would like to rsh, e.g.: rsh andechs pwd

@catnet gordon +@catnet gordon +@catnet @catnet into .rhosts. That does not work either. The only thing that would is to

Alternatively, I could put either of those put the whole list of hosts literally into .rhosts

holsten gordon

BTW, in my /etc/nsswitch.conf, it says:

netgroup: files nis

What is wrong with it? How can I get get good-old hosts.equiv back to work again? It might have something to do with PAM. I don't understand PAM though, and I don't find anything about my topic in its documentation. Best Regards, Gordon.