Date: Fri, 1 Nov 1996 17:38:18 -0800 (PST) From: Doug White <dwhite@gdi.uoregon.edu> To: Craig Shaver <craig@progroup.com> Cc: questions@FreeBSD.org Subject: Re: rcp by root Message-ID: <Pine.BSI.3.94.961101173746.4938X-100000@gdi.uoregon.edu> In-Reply-To: <199611011832.KAA29070@seabass.progroup.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 1 Nov 1996, Craig Shaver wrote: > > > I can't setup my system to allow root to rcp from another freebsd system, it > > > works ok as a user. I have a /.rhosts and a /etc/hosts.equiv file with the > > > remote system listed. What else am I missing? > > > > This is probably a huge security violation since anyone with the root > > password now has root access your computer too (using rsh & the other > > r-utilities). > I set up .rhosts in the /root directory and qualified it by the full > host name. I will take it out now, and only put it in when I > need to do backups to a remote tape. However, not just anyone with > root can access this. I tried from another machine on the internet > where I have root access. I got a message to the effect that root > login was denied on that terminal. I think You would have to spoof > the fully qualified domain name to make it work. How hard is it > to do that? Actually, what is probably happening is that the rcp / rlogin is failing since you can't login as root directly from a network terminal. They aren't "secure" in ttys. Doug White | University of Oregon Internet: dwhite@resnet.uoregon.edu | Residence Networking Assistant http://gladstone.uoregon.edu/~dwhite | Computer Science Major
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSI.3.94.961101173746.4938X-100000>