UNIX for Dummies Questions & Answers

I have a basic query. I use telnet and ftp very frequently. I want to do it without spending time in typing username and password everytime. I know that if I have .netrc file which contains server address, username, pasword, then just typing ftp will conect to that server with that username and password. Similarly is it possible to do that for telnet? Will be grateful if someone can help me. Thanks and regards
Asutosh

No. I do not think it is possible. The most you can do is "telnet -l <I>username</I>", but that is not supported on many systems. You can use ssh as an alternative which will do what you want.

I would advise against telnet at all costs if it can be avoided. The username and password get transmitted in clear text. Try ssh2 or even ssh (but ssh and openssh have problems with security) if at all possible. One major advantage of ssh is that you can place your public key on the remote machines and gain auto login abilities.

Lets be clear about that: openssh has security issues in versions 1.X. I do not believe that there are any known security problems in the later 2.x versions.

Thanks. But on solaris, telnet -l username works. But that again asks for username and password.
I could not find any documentation on ssh and ssh2. On solaris, it is not working. I work on solaris. Can U tell something?

I am aware of at least 3 major problems with OpenSSH recently. These I believe are 2.x versions. 1.x versions have problems associated with SSH1 which have been addressed by SSH2, but the OpenSSH problems recently found (which have been addressed) are 2.x problems in OpenSSH not found in the commercial SSH2, to my knowledge.

I don't have the specifics off hand, but searching through some of the security sites such as Bugtrax should turn these up.

If your systems exist in a trusted "secure" environment, inside a firewall, and you don't go outside that firewall, then you can use .rhosts and rlogin.
Each user has to be defined on the other system in a .rhosts file in the home directory of the user. For root, it should be in / or /root depending on the version.

Then you can use the command rlogin hostname -l username, and it will get you right in. Your syntax may vary.

Telnet is risky in an exposed environment, but I work for a very large telecom company in Dallas and we use it all the time. The key is to disable the .rhosts file when it is not in use and also restrict it to the System Admin only while preventing users from creating .rhosts files in their home directories. By limiting the use of .rhosts, you can prevent unscruplous users from allowing people into your systems.


I hope that doesn't sound preachy, but it is true. Security doesn't mean shutting everyone out all the time. You have to have a certain level of trust some of the time, for any work to get done.

Sorry, preachy again... I'll get off my soapbox now...