search for: rlogin

IF ssh is a replacement for rlogin,rsh etc I can accept it respecting rlogin=false as rlogin does and rsh does not, however scp is a replacement for rcp, and rcp does NOT use rlogin attribute, so the implementation is NOT standard as scp fails if rlogin=false, but rcp succeeds, as documented. thanks mark

http://bugzilla.mindrot.org/show_bug.cgi?id=1284 Summary: allow sftp when rlogin=false Product: Portable OpenSSH Version: v4.5p1 Platform: Other OS/Version: AIX Status: NEW Severity: enhancement Priority: P2 Component: sshd AssignedTo: bitbucket at mindrot.org ReportedBy: dleonard a...

...sions et al added the xinetd.d confilg files, opened ports 543 and 544 in my firewall, yet when I use the rsh commands, I get either a password prompt or some Kerberos stuff that I don't use. ie: rexec intrbase ls password: and connect to address 192.168.99.211: Connection refused Trying krb4 rlogin... connect to address 192.168.99.211: Connection refused trying normal rlogin (/usr/bin/rlogin) Last login: Thu Feb 2 07:47:37 from spare As you can see this is for an internal network, so I'm not freaked out about security here. I can't seem to find anything in the help files about it....

Very early on in what seems to be quite a hot debate sometimes, I pointed out that sshd only controls rlogin=false at its startup, and if it is changed, sshd simply ignores it ie: chuser rlogin=true root sshd chuser rlogin=false root Will result in sshd ACCEPTING login from root, ie it seems to only check at its startup - is this a bit like ulimit behavior where you need need to log out and in to get it...

Hello. I noticed that OpenSSH 2.1.1p3 does not check whether it is being called as rlogin or slogin, like it's siblings do. This can get ugly if you have rlogin and rsh symlinked to ssh, and old r* commands are moved off in another place, as I do. Since Solaris rsh is hardcoded to call /usr/bin/rlogin, it will get stuck in an infinite loop. Below is a quick patch I hacked up, ba...

Thanks to everyone who has replied to my emails so far - to summarise: AIX allows setting of rlogin=false and and a su group, or a list of users that are permitted to "su" to root. ( or other functional ids ) This means with entries in /etc/ftpusers, it is possible to : 1/ Track who used root via sulog and or external logging 2/ Protect root even if the root password is compromised 3/...

...--------------- CC| |aixtools at gmail.com --- Comment #1 from Michael Felt <aixtools at gmail.com> --- Just thought it could be useful to review the current situation. re: (openssh-aix's patch is actually buggy as described at: "Bypasses rlogin=false" at http://sourceforge.net/tracker/index.php?func=detail&aid=1346058&group_id=127997&atid=710254) This is not an openssh (aix patch bug) - it works as designed. a) by default, for all users other than root "rlogin=false" blocks a user from logging in using openssh....

...nect to address 10.24.15.48 port 544: Connection refused trying normal rsh (/usr/bin/rsh) poll: protocol failure in circuit setup Now, if I just reomtely login to khan (our cvs server), I get this: [mrichter at sushi ~]$ khan connect to address 10.24.15.48 port 543: Connection refused Trying krb4 rlogin... connect to address 10.24.15.48 port 543: Connection refused trying normal rlogin (/usr/bin/rlogin) Last login: Fri Jul 4 18:19:01 from viper [mrichter at khan mrichter]$ Voila - I'm logged in. Also, if I try an rsh from another machine (viper - FC1), I get this: [mrichter at viper mricht...

...#39;-lresolv' make make install cp nsswitch/pam_winbind.so /usr/lib/security cp nsswitch/libnss_winbind.so /lib/nss_winbind.so.1 ln -s /lib/nss_winbind.so.1 /usr/lib/nss_winbind.so.1 I can browse my samba shares and the active directory 2003 authentication works fine. Ive modified pam.conf so rlogin should use pam_winbind rlogin auth sufficient /usr/lib/security/$ISA/pam_rhosts_auth.so.1 rlogin auth sufficient /usr/lib/security/pam_winbind.so try_first_pass rlogin auth required /usr/lib/security/$ISA/pam_unix.so.1 however if I try and login using rlogin -l AD03+richard.batty localhost...

...uot;use ssh" comments.. rsh is what i'm dealing with for now!!) i've got a few boxes in my network, and i can successfully rsh into them with no issue. however, on one box, i can't access it using rsh, and i'm running out of things to try... kind of curious. i can login using rlogin. i've modifed the /etc/pam.d/rsh,rlogin files, along with the /etc/securetty file. i've also changed the /etc/xinetd.d/(rsh,rlogin)files. as far as i can tell, nothing else has been changed... the curious thing. as far as i can tell... the files on the system that doesn't work, are th...

Hi How to get rid of kerberos, or at least to prevent to go into path? Where is defined the path for users? I need to configure and use rtools (I know that I should use ssh, but I need rtools) and I think very annoying the messages from Kerberized rsh or rlogin, like this: -sh-3.2$ rsh kitten02 connect to address 192.168.89.2 port 543: Connection refused Trying krb4 rlogin... connect to address 192.168.89.2 port 543: Connection refused trying normal rlogin (/usr/bin/rlogin) Last login: Tue Jun 3 20:17:32 from kitten01 -sh-3.2$ But if kerberos is not in...

http://bugzilla.mindrot.org/show_bug.cgi?id=1226 Summary: sftp-server does not respect rlogin = false Product: Portable OpenSSH Version: 4.3p2 Platform: PPC OS/Version: AIX Status: NEW Severity: normal Priority: P2 Component: sftp-server AssignedTo: bitbucket at mindrot.org ReportedBy: cris at b...

http://bugzilla.mindrot.org/show_bug.cgi?id=1227 Summary: sftp-server does not respect rlogin = false Product: Portable OpenSSH Version: 4.3p2 Platform: PPC OS/Version: AIX Status: NEW Severity: normal Priority: P2 Component: sftp-server AssignedTo: bitbucket at mindrot.org ReportedBy: cris at b...

http://bugzilla.mindrot.org/show_bug.cgi?id=383 ------- Additional Comments From markus at openbsd.org 2002-08-23 07:46 ------- what does "rlogin set to false" mean? ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

Hi I'm trying to get winbindd work with authentication for other services. Winbindd works fine in samba. I get these errors using rlogin from another server to sun10. Oct 31 08:26:11 sun10 pam_winbind[26694]: request failed, PAM error was 4, NT error was NT_STATUS_INVALID_PARAMETER Oct 31 08:26:11 sun10 pam_winbind[26694]: internal module error (retval = 4, user = `tommyf' Supported configurations for passwd management are as...

...al_auth) # login auth requisite pam_authtok_get.so.1 login auth sufficient pam_dhkeys.so.1 login auth sufficient pam_unix_auth.so.1 login auth sufficient pam_dial_auth.so.1 login auth sufficient /usr/lib/security/pam_winbind.so.1 try_first_pass # # rlogin service (explicit because of pam_rhost_auth) # rlogin auth sufficient pam_rhosts_auth.so.1 rlogin auth requisite pam_authtok_get.so.1 rlogin auth sufficient pam_dhkeys.so.1 rlogin auth sufficient pam_unix_auth.so.1 rlogin auth sufficient /usr/lib/securi...

...sts file. A match follows and the account is open. WHO IS AFFECTED? Unfortunately, the effects of this vulnerability reach beyond the Linux community. For example, users named langford have been able to walk into my Linux account for months. From that Linux account, user langford could freely rlogin to other departmental machines and NASA government machines. In particular, administrators of sites with multiple IP addresses might consider disabling rlogin access to their machines, with the understanding that not all Linux users will fix the rlogin problem immediately. HOW TO FIX IT? I remov...

...xplicit because of pam_dial_auth) # login auth required /usr/lib/security/pam_winbind.so login auth requisite pam_authtok_get.so.1 login auth required pam_dhkeys.so.1 login auth required pam_unix_auth.so.1 login auth required pam_dial_auth.so.1 # # rlogin service (explicit because of pam_rhost_auth) # rlogin auth sufficient /usr/lib/security/pam_winbind.so rlogin auth sufficient pam_rhosts_auth.so.1 rlogin auth requisite pam_authtok_get.so.1 rlogin auth required pam_dhkeys.so.1 rlogin auth required pam_unix_...

I'm new to rsync and trying to configure it to run through either the daemon or rsh (ssh is not avalilable). Doing an 'rlogin production' results in a password prompt - which I want rid of, as we're basically going to have a robot user running a cron job that utilises rsync. I'm at a loss as to why I can't configure rlogin to user hosts.equiv or similar - any help on this would be greatly appreciated as i...

...ired /usr/lib/security/pam_winbind.so try_first_pass login auth requisite pam_authtok_get.so.1 login auth required pam_dhkeys.so.1 login auth required pam_unix_auth.so.1 try_first_pass login auth required pam_dial_auth.so.1 try_first_pass # # rlogin service (explicit because of pam_rhost_auth) # rlogin auth sufficient /usr/lib/security/pam_winbind.so try_first_pass rlogin auth sufficient pam_rhosts_auth.so.1 rlogin auth requisite pam_authtok_get.so.1 rlogin auth required pam_dhkeys.so.1 rlogin auth requi...