Date: Tue, 11 Apr 2000 08:50:57 -0700 (PDT) From: John Polstra <jdp@polstra.com> To: thyerm@camtech.net.au Cc: current@freebsd.org Subject: Re: error reports by rshd in /var/log/messages Message-ID: <200004111550.IAA05779@vashon.polstra.com> In-Reply-To: <Pine.BSF.4.21.0004112014220.3721-100000@dx4.my-unregistered-domain.com> References: <Pine.BSF.4.21.0004112014220.3721-100000@dx4.my-unregistered-domain.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In article <Pine.BSF.4.21.0004112014220.3721-100000@dx4.my-unregistered-domain.com>, Matthew Sean Thyer <thyerm@camtech.net.au> wrote: > > The way PAM works, that will let _anybody_ login via rsh without a > > password. I don't think it's what you want. > > Wont this only happen when rshd becomes PAMerised ? or has that > happened already ? I haven't been following PAM closely as it is now maintained by Mark Murray <markm@freebsd.org>. Also, I never use rsh. But rshd must have been PAMerized already -- otherwise it couldn't emit the messages you reported. > If its already been done, why the console messages ? Probably you got the messages because your pam.conf file wasn't up-to-date. Here's what I see in "src/etc/pam.conf": # r-utils are broken; ensure this doesn't bother folk rshd auth sufficient pam_deny.so These lines were added on January 4th by markm. John -- John Polstra jdp@polstra.com John D. Polstra & Co., Inc. Seattle, Washington USA "Disappointment is a good sign of basic intelligence." -- Chögyam Trungpa To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200004111550.IAA05779>