Date: Tue, 11 Apr 2000 08:50:57 -0700 (PDT) From: John Polstra <jdp@polstra.com> To: thyerm@camtech.net.au Cc: current@freebsd.org Subject: Re: error reports by rshd in /var/log/messages Message-ID: <200004111550.IAA05779@vashon.polstra.com> In-Reply-To: <Pine.BSF.4.21.0004112014220.3721-100000@dx4.my-unregistered-domain.com> References: <Pine.BSF.4.21.0004112014220.3721-100000@dx4.my-unregistered-domain.com>
index | next in thread | previous in thread | raw e-mail
In article <Pine.BSF.4.21.0004112014220.3721-100000@dx4.my-unregistered-domain.com>,
Matthew Sean Thyer <thyerm@camtech.net.au> wrote:
> > The way PAM works, that will let _anybody_ login via rsh without a
> > password. I don't think it's what you want.
>
> Wont this only happen when rshd becomes PAMerised ? or has that
> happened already ?
I haven't been following PAM closely as it is now maintained by Mark
Murray <markm@freebsd.org>. Also, I never use rsh. But rshd must
have been PAMerized already -- otherwise it couldn't emit the messages
you reported.
> If its already been done, why the console messages ?
Probably you got the messages because your pam.conf file wasn't
up-to-date. Here's what I see in "src/etc/pam.conf":
# r-utils are broken; ensure this doesn't bother folk
rshd auth sufficient pam_deny.so
These lines were added on January 4th by markm.
John
--
John Polstra jdp@polstra.com
John D. Polstra & Co., Inc. Seattle, Washington USA
"Disappointment is a good sign of basic intelligence." -- Chögyam Trungpa
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200004111550.IAA05779>