Date: Tue, 18 Apr 2000 22:46:32 +0100 From: Brian Somers <brian@Awfulhak.org> To: csg@waterspout.com (C. Stephen Gunn) Cc: Warner Losh <imp@village.org>, freebsd-arch@freebsd.org, brian@hak.lan.Awfulhak.org Subject: Re: Outdated rdist in FreeBSD Base Message-ID: <200004182146.WAA00579@hak.lan.Awfulhak.org> In-Reply-To: Message from csg@waterspout.com (C. Stephen Gunn) of "Tue, 18 Apr 2000 11:22:27 CDT." <200004181622.LAA02964@dustdevil.waterspout.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> On Tue, 18 Apr 2000 10:07:39 CST, Warner Losh wrote:
>
> > In message <20000418092044.A2172@waterspout.com> "C. Stephen Gunn" writes:
> > : > Agreed. And I think there are still some security concerns with
> > : > rdist.
> > :
> > : Can you provide us with some specifics?
> >
> > Beyond the big, huge gaping one of using the woefully insecure rcmd
> > port, none come to mind at the moment.
>
> Oh yeah.. That. <grin>
>
> We run rdist over ssh, so we're not as worried about the rcmd
> stuff after you add two key exchanges (one for the hosts, and
> one for the user).
It's been a while, but AFAIR I needed to install rdist6 because I
*couldn't* run rdist over ssh !
I think that big gaping hole is an anti-hole !
> - Steve
--
Brian <brian@Awfulhak.org> <brian@[uk.]FreeBSD.org>
<http://www.Awfulhak.org>; <brian@[uk.]OpenBSD.org>
Don't _EVER_ lose your sense of humour !
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200004182146.WAA00579>