Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: rlogin always allowed ?
Operating Systems AIX rlogin always allowed ? Post 302408241 by zaxxon on Monday 29th of March 2010 02:52:11 AM
Old 03-29-2010
Have no AIX 6.1 box here, but on 5.3 it works like intended. You could try to create empty .rhosts and hosts.equiv just to check if it behaves different.
Else you can always comment the rlogin line in the /etc/inetd.conf and do a
Code:
refresh -s inetd

to disable it completely, if that's a temporary solution for you.
 

9 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

User should not be allowed to change passwd

Hi Group, Can anyone assist me with this? I am on AIX 5.2 ML06. I create the user and assign a passwd. But I do not want the user to change the passwd at all. I like him/her to use the passwd that I have set for him/her. Any ideas would be highly appreciated!!! Thanks. (3 Replies)
Discussion started by: brookingsd
3 Replies

2. UNIX for Dummies Questions & Answers

Ldap dn chars allowed

Hi Is it possible to add the following to an ldif entry: dn=estmmartín i.e Note the charchter 'í' Thanks in advance (3 Replies)
Discussion started by: tom123
3 Replies

3. UNIX for Dummies Questions & Answers

I am the owner,yet not allowed the change the ownership

sm860 IS the owner of the files below,but yet sm860 cannot change the ownership to bpt3a1.Please let me know why ? See below for details --- sm860@unixs741_DEV:/usr/gdp/home/ftp/bpt3a1/incoming/ahdb/T5/pcasav/daily $ ls -l pcasav* -rw-r--r-- 1 sm860 gdpintegrators 821 Sep 21 16:15... (8 Replies)
Discussion started by: MSHETTY
8 Replies

4. Web Development

access to my server is always allowed

Hi, I can't deny the access to my server. if I visit http://localhost I can always see all the files. Why ? <Directory /> Options FollowSymLinks AllowOverride None Order allow,deny Deny from All </Directory> <Directory "/Users/aneuryzma/Sites"> (4 Replies)
Discussion started by: aneuryzma
4 Replies

5. UNIX for Advanced & Expert Users

how to check if I'm allowed to ssh several hosts.

Hi guys! I'm working on a little script. I have a txtfile with several hosts, Unix team has copied my keys into several of those servers, but not all of them, I need to figure out which ones I don't have access to, (I want a list of servers I don't have access to, so I can request for it). This... (1 Reply)
Discussion started by: erick_tuk
1 Replies

6. Shell Programming and Scripting

space not allowed in input

I have this script. (options is an array) It works fine. It responds fine to all items that are stored in the array. But when I press spacebar when I am asked for input. It will not give an error only run the function again. While I put : || ] in the script to capture the space. What am I missing... (6 Replies)
Discussion started by: Alex400
6 Replies

7. Programming

Why is subclassing not allowed for many of the SWT Controls?

hi guys, Why is subclassing not allowed for many of the SWT Controls? But Eclipse itself creates our Shell classes in this way (inheriting from Shell) and then overriding checkSubclass() with empty body. So is it good(safe) that we do this way? I have two shells (Shell_1, Shell_2). Shell_1 is... (0 Replies)
Discussion started by: majid.merkava
0 Replies

8. HP-UX

Are you allowed to use the same vswitch for 2 separate HPVMs?

Can you use the same vswitch for multiple HPVMs? The reason I ask is because I created a vswitch and assigned it to one hpvm, and I was able to get it on the network. Then I created a second hpvm and used the same vswitch, and I am able to ssh/sftp TO the second hpvm, but I am unable to ping... (8 Replies)
Discussion started by: bstring
8 Replies

9. Post Here to Contact Site Administrators and Moderators

Not allowed to post URLs

Hi, I tried to post some perl code for discussion (wrapped in swaddling . However, a regex has an escaped backslash so the forum parser sees it as an URL? Had the same experience with the sample data that I tried to provide for the same discussion. It contains emails addresses,... (1 Reply)
Discussion started by: msutfin
1 Replies

LEARN ABOUT NETBSD

rhosts

HOSTS.EQUIV(5)						      BSD File Formats Manual						    HOSTS.EQUIV(5)

NAME

     hosts.equiv, .rhosts -- trusted remote hosts and host-user pairs

DESCRIPTION

     The hosts.equiv and .rhosts files list hosts and users which are ``trusted'' by the local host when a connection is made via rlogind(8),
     rshd(8), or any other server that uses ruserok(3).  This mechanism bypasses password checks, and is required for access via rsh(1).

     Each line of these files has the format:

	   hostname [username]

     The hostname may be specified as a host name (typically a fully qualified host name in a DNS environment) or address, ``+@netgroup'' (from
     which only the host names are checked), or a ``+'' wildcard (allow all hosts).

     The username, if specified, may be given as a user name on the remote host, ``+@netgroup'' (from which only the user names are checked), or a
     ``+'' wildcard (allow all remote users).

     If a username is specified, only that user from the specified host may login to the local machine.  If a username is not specified, any user
     may login with the same user name.

EXAMPLES

     somehost
	   A common usage:  users on somehost may login to the local host as the same user name.
     somehost username
	   The	user  username	on  somehost may login to the local host.  If specified in /etc/hosts.equiv, the user may login with only the same
	   user name.
     +@anetgroup username
	   The user username may login to the local host from any machine listed in the netgroup anetgroup.
     +
     + +
	   Two severe security hazards.  In the first case, allows a user on any machine to login to the local host as the same user name.  In the
	   second case, allows any user on any machine to login to the local host (as any user, if in /etc/hosts.equiv).

WARNINGS

     The username checks provided by this mechanism are not secure, as the remote user name is received by the server unchecked for validity.
     Therefore this mechanism should only be used in an environment where all hosts are completely trusted.

     A numeric host address instead of a host name can help security considerations somewhat; the address is then used directly by iruserok(3).

     When a username (or netgroup, or +) is specified in /etc/hosts.equiv, that user (or group of users, or all users, respectively) may login to
     the local host as any local user.	Usernames in /etc/hosts.equiv should therefore be used with extreme caution, or not at all.

     A .rhosts file must be owned by the user whose home directory it resides in, and must be writable only by that user.

     Logins as root only check root's .rhosts file; the /etc/hosts.equiv file is not checked for security.  Access permitted through root's
     .rhosts file is typically only for rsh(1), as root must still login on the console for an interactive login such as rlogin(1).

FILES

     /etc/hosts.equiv  Global trusted host-user pairs list
     ~/.rhosts	       Per-user trusted host-user pairs list

SEE ALSO

     rcp(1), rlogin(1), rsh(1), rcmd(3), ruserok(3), netgroup(5)

HISTORY

     The .rhosts file format appeared in 4.2BSD.

BUGS

     The ruserok(3) implementation currently skips negative entries (preceded with a ``-'' sign) and does not treat them as ``short-circuit'' neg-
     ative entries.

BSD
								 November 26, 1997							       BSD
All times are GMT -4. The time now is 05:31 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy