Mailinglist Archive: opensuse-security (320 mails)

< Previous Next >
Re: [suse-security] .rhost everybody access
  • From: "Hubertus A. Haniel" <hubba@xxxxxxxxxxxx>
  • Date: Thu, 8 May 2003 21:12:36 +0100 (BST)
  • Message-id: <Pine.LNX.4.33.0305082103510.29751-100000@xxxxxxxxxxxx>

On Thu, 8 May 2003, Olaf Kirch wrote:

> Date: Thu, 8 May 2003 19:39:51 +0200
> From: Olaf Kirch <okir@xxxxxxx>
> To: Joao Reis <joao.reis@xxxxxxxxxxx>
> Cc: Anders Johansson <andjoh@xxxxxxxxxx>, suse-security@xxxxxxxx
> Subject: Re: [suse-security] .rhost everybody access
>
> On Thu, May 08, 2003 at 04:59:09PM +0100, Joao Reis wrote:
> > What is the necessary configuration in .rhost in order to aply the wished permissions ? :-)
>
> It used to be that "+ +" would allow any user from any host. But quite likely
> support for this has been disabled precisely to encourage people to look for
> other, more secure solutions.


To reenable that you will have to play with the options of the pam
modules, have a look at
/usr/share/doc/packages/pam/modules/README.pam_rhosts you will have to
add the "promiscuous" flag in /etc/pam.d/rsh and /etc/pam.d/rlogin to
pam_rhosts_auth.so. I would still recommend that you use ssh and I would
discurage shared accounts as they tend to be an administrative nightmare.

Best regards
Hubba




< Previous Next >
References