From owner-freebsd-current Mon Sep 24 22:20:11 2001 Delivered-To: freebsd-current@freebsd.org Received: from digger1.defence.gov.au (digger1.defence.gov.au [203.5.217.4]) by hub.freebsd.org (Postfix) with ESMTP id BB2BF37B425; Mon, 24 Sep 2001 22:20:04 -0700 (PDT) Received: from dsto-ms2.dsto.defence.gov.au (dsto-ms2.dsto.defence.gov.au [131.185.2.150]) by digger1.defence.gov.au (8.10.1/8.10.1) with ESMTP id f8P5JS803042; Tue, 25 Sep 2001 14:49:28 +0930 (CST) Received: from muttley.dsto.defence.gov.au (unverified) by dsto-ms2.dsto.defence.gov.au (Content Technologies SMTPRS 4.1.5) with ESMTP id ; Tue, 25 Sep 2001 14:47:54 +0930 Received: from salex001.dsto.defence.gov.au (salex001.dsto.defence.gov.au [131.185.2.9]) by muttley.dsto.defence.gov.au (8.9.3/8.9.3/8.9.3.LMD.990513) with ESMTP id OAA25156; Tue, 25 Sep 2001 14:44:36 +0930 (CST) Received: from fang.dsto.defence.gov.au ([131.185.2.5]) by salex001.dsto.defence.gov.au with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2653.13) id TQL8ZB0Y; Tue, 25 Sep 2001 14:44:33 +0930 Received: from dsto.defence.gov.au (fuzz.dsto.defence.gov.au [131.185.75.229]) by fang.dsto.defence.gov.au (8.9.3/8.9.3/8.9.3.LMD.990513) with ESMTP id OAA10106; Tue, 25 Sep 2001 14:44:36 +0930 (CST) Message-ID: <3BB012BE.BD8F324@dsto.defence.gov.au> Date: Tue, 25 Sep 2001 14:44:38 +0930 From: "Thyer, Matthew" X-Mailer: Mozilla 4.76 [en] (X11; U; FreeBSD 5.0-CURRENT i386) X-Accept-Language: en MIME-Version: 1.0 To: current@freebsd.org Cc: markm@freebsd.org Subject: rshd broken on -CURRENT Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Why can I "rcp" to my FreeBSD-CURRENT box (built Sept 19th) with no password when I dont even have a .rhosts file (I dont have an /etc/hosts.equiv either). I can also "rsh freebie command" with no prompt for password. I assume this is due to the upgrade of PAM. Looking on a RedHat 7.1 system I see they have the following in /etc/pam.d/rsh: #%PAM-1.0 # For root login to succeed here with pam_securetty, "rsh" must be # listed in /etc/securetty. auth required /lib/security/pam_nologin.so auth required /lib/security/pam_securetty.so auth required /lib/security/pam_env.so auth required /lib/security/pam_rhosts_auth.so account required /lib/security/pam_stack.so service=system-auth session required /lib/security/pam_stack.so service=system-auth My FreeBSD-CURRENT box has this for rsh: rsh auth required pam_nologin.so no_warn rsh auth required pam_permit.so no_warn rsh account required pam_unix.so rsh session required pam_permit.so It seems that we dont have a /usr/lib/pam_rhosts_auth.so. -- Matthew Thyer Phone: +61 8 8259 7249 Science Corporate Information Systems Fax: +61 8 8259 5537 Defence Science and Technology Organisation, Edinburgh PO Box 1500 Edinburgh South Australia 5111 IMPORTANT: This email remains the property of the Australian Defence Organisation and is subject to the jurisdiction of section 70 of the CRIMES ACT 1914. If you have received this email in error, you are requested to contact the sender and delete the email. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message