Date: Tue, 25 Sep 2001 14:44:38 +0930 From: "Thyer, Matthew" <Matthew.Thyer@dsto.defence.gov.au> To: current@freebsd.org Cc: markm@freebsd.org Subject: rshd broken on -CURRENT Message-ID: <3BB012BE.BD8F324@dsto.defence.gov.au>
next in thread | raw e-mail | index | archive | help
Why can I "rcp" to my FreeBSD-CURRENT box (built Sept 19th) with no password when I dont even have a .rhosts file (I dont have an /etc/hosts.equiv either). I can also "rsh freebie command" with no prompt for password. I assume this is due to the upgrade of PAM. Looking on a RedHat 7.1 system I see they have the following in /etc/pam.d/rsh: #%PAM-1.0 # For root login to succeed here with pam_securetty, "rsh" must be # listed in /etc/securetty. auth required /lib/security/pam_nologin.so auth required /lib/security/pam_securetty.so auth required /lib/security/pam_env.so auth required /lib/security/pam_rhosts_auth.so account required /lib/security/pam_stack.so service=system-auth session required /lib/security/pam_stack.so service=system-auth My FreeBSD-CURRENT box has this for rsh: rsh auth required pam_nologin.so no_warn rsh auth required pam_permit.so no_warn rsh account required pam_unix.so rsh session required pam_permit.so It seems that we dont have a /usr/lib/pam_rhosts_auth.so. -- Matthew Thyer Phone: +61 8 8259 7249 Science Corporate Information Systems Fax: +61 8 8259 5537 Defence Science and Technology Organisation, Edinburgh PO Box 1500 Edinburgh South Australia 5111 IMPORTANT: This email remains the property of the Australian Defence Organisation and is subject to the jurisdiction of section 70 of the CRIMES ACT 1914. If you have received this email in error, you are requested to contact the sender and delete the email. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3BB012BE.BD8F324>