Visit Our UNIX and Linux User Community


rlogin & telnet


 
Thread Tools Search this Thread
Top Forums UNIX for Dummies Questions & Answers rlogin & telnet
# 8  
Old 11-02-2001
I found in some cases even with a .rhosts file on Red Hat that it was still prompting for user name and password which was a major problem for automated transfer programs that I needed to run rcp. If you are running into this problem you will need to add a file called <b>/etc/hosts.equiv</b> but this is not very secure. Much better to use ssh2 as suggested before.
# 9  
Old 11-02-2001
Quote:
Originally posted by dabrock
I found in some cases even with a .rhosts file on Red Hat that it was still prompting for user name and password
Probably due to permissions on your .rhosts file. Linux (unlike some other commercial Unices) requires that the .rhosts file not have any group or other permissions. In other words it should be mode 0600.
# 10  
Old 11-05-2001
Thanks, that could be it. I don't remember the file permissions exactly since it's been a while. I do remember the Unix servers we used had no problems so I will try this next time.
# 11  
Old 11-06-2001
Quote:
Originally posted by dabrock
I found in some cases even with a .rhosts file on Red Hat that it was still prompting for user name and password which was a major problem for automated transfer programs that I needed to run rcp. If you are running into this problem you will need to add a file called <b>/etc/hosts.equiv</b> but this is not very secure. Much better to use ssh2 as suggested before.
Be very careful with /etc/hosts.equiv. It can be dangerous. You can use .rhosts and be somewhat exposed but you won't give the user access to ROOT on the box like you will with /etc/hosts.equiv!

I just want all to understand that /etc/hosts.equiv gives you EQUIVILENCY AS ROOT. In other words, you will have the same ability as root because that is what hosts.equiv gives you.

As much as I love .rhosts and ssh, try to steer clear of hosts.equiv files on your systems. One good reason for this is that someone could spoof as a trusted system that is in hosts.equiv file and gain access to your whole network and do some real damage to your company!

Smilie
# 12  
Old 11-06-2001
As mentioned it was not the most secure decision. Perhaps I should metion that these were completely secured boxes and on an internal, network that was not accessable from outside. Also, even if someone had physically been able to gain access the contents of the machines were actually trivial enough not to worry us if someone did hack in.

I offer host.equiv only as a point of information, it is definitely too insecure to use on an exposed box. However, I want to clearify something: you only have the account equivalency that you transfer between machines, thus, <b>root</b> = <b>root</b>, but <b>ONLY root</b> = <b>root</b> so saying that you have root equivilancy is not exactly accurate. If you log in on a remote trusted machine as <b>user1</b> you can only be <b>user1</b> on the local machine so this method is not much more insure than using .rhost, except you don't have control of the exact accounts that are equivilent. In fact, it is very similar to trust between domains in a Windows network (host.equiv basically spells out a one-way trust in Windows terminology).

As for spoofing that is certainly a risk for any system and you should always have any server behind a properly setup firewall to avoid spoofing. If someone can hack through your firewall SSH can offer more protection. Again, the best solution is always the secure one such as SSH2.

Last edited by dabrock; 11-06-2001 at 11:04 AM..
# 13  
Old 11-06-2001
hosts.equiv

Yes I may have come across too strong. I agree with you that it is unsecure.

I only wanted to warn those who dont have secure environments like you and I have at work that it can be dangerous to use hosts.equiv.

Sorry for any strong statements that I had made. I only wanted to underscore the problems with /etc/hosts.equiv.

I agree that in a secure trusted environment it wouldn't be as much of an issue.

Again, sorry for wording my email too strongly.

Smilie Smilie
# 14  
Old 11-06-2001
Bug

Actually, no offense taken, I just realized that I didn't explain enough.
 

Previous Thread | Next Thread
Test Your Knowledge in Computers #206
Difficulty: Easy
Exterior Gateway Protocol (EGP) is a modern, widely used, routing protocol.
True or False?

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

cat & telnet

cat & telnet hello, I need some help on using a file with the cat command. I want to set up a telnet connection with a network device with the ip-adress 10.3.0.1. Just executing the command 'telnet 10.3.0.1' gives a menu. For example, to show the help of the menu, you... (2 Replies)
Discussion started by: michealvh
2 Replies

2. Shell Programming and Scripting

rlogin and telnet

I want to make a script which will execute a command from a remote server like below rlogin server1 then telnet server2 (username, password will be given) now execute command (it may "ls -l *.txt") and give the output I've to do this manually but want to make it automatic Script may... (4 Replies)
Discussion started by: shoeb
4 Replies

3. Shell Programming and Scripting

script for nested rlogin and telnet

I want to write a script that rlogins to a couple machines and then from the last machine, telnet into a final machine and execute a command. So in pseudocode it would look like: rlogin host1 from host1 rlogin host2 from host2 telnet host3 from host 3 execute command The reason for the... (6 Replies)
Discussion started by: mcburke38
6 Replies

4. IP Networking

rlogin,telnet-different or same?

Hai guys, Both "rlogin" and "telnet" are used to login remote host.Is there any differece between these 2 commands? (or) are both same? Thanks (1 Reply)
Discussion started by: Felicia23
1 Replies

5. Solaris

rlogin, telnet connections timeout

Hi, I have a Sun Ultra 5 desktop with Solaris 8. When I telnet/rlogin into any other host, the connection closes after few hours of inactivity. I also have another Windows box which I use rarely. But when I telnet/rlogin into the same hosts using putty, the connection stays for days without any... (5 Replies)
Discussion started by: dr_gsb
5 Replies

6. UNIX for Advanced & Expert Users

diable telnet & ftp

Hi All, I need to stop all the services for telnet & FTP as we want our server to be more secure. Please give me some steps for jumping to SSH protocol. How can i disable telnet & ftp service on my server. (1 Reply)
Discussion started by: pradeep_desh
1 Replies

7. Shell Programming and Scripting

telnet & su in shell script

Hi, Any scripting experts out there that can point me to the right direction of writing a script using telnet and su to access a server without any users interaction such as login and entering passwd. Thanks. Thanks in advance vastare (1 Reply)
Discussion started by: vastare
1 Replies

8. UNIX for Dummies Questions & Answers

telnet, rlogin, ssh login probblem

Hello Friends, I had an IRIX box won't let me login with any IDs (even root) Telnet, Rlogin, SSh. However, I can login by single user with root ID. Telnet login >>> Connection closed by forgeign host. Rlogin >>> Connection closed SSh login >>> connection to address ???.????.???.??? ... (1 Reply)
Discussion started by: anphdula
1 Replies

9. Cybersecurity

telnet on AT&T MLS V

How do I enable telnet access to a system running AT&T MLS? (1 Reply)
Discussion started by: smartgod
1 Replies

10. UNIX for Dummies Questions & Answers

rsh & rlogin

I'm trying to execute the next command: " rsh CompName date " which means i want to get the date from a machine which i have its CompName. but i get the answer : "Connection refused" what do i need to do ? how can i sign myself as user or guest in the other machine ? thanks in... (2 Replies)
Discussion started by: Inbal
2 Replies

Featured Tech Videos