Trying here to get rsh (actually, rcp, but let's just keep it simple for
now) to work between two RH 7.2 machines, running 2.4.9 kernels. Both are
internal machines, secure behind a firewall.
On machine "ben", user "vermont" has a single-line .rhosts file
(writable/readable only by him) in the /home/vermont directory:
I thought this would allow rsh access from host jerry, any user. Yet when
on jerry I try to just run a simple remote command, I get:
% rsh -l vermont ben date
Then when I check /var/log/messages on ben, I see:
I'm not sure what I've done wrong; I've got no hosts.equiv file, and I
can't find anything else that I'm supposed to do to make this fly.
Note that if I simply change /etc/pam.d/rsh entry for pam_rhosts_auth from
"required" to sufficient", it works fine - but I then seem to be able to
get in as ANY user - which is a little less security than I want. :)
auth required /lib/security/pam_nologin.so
auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_env.so
auth sufficient /lib/security/pam_rhosts_auth.so <<<<- changed this one
account required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_stack.so service=system-auth
What am I doing wrong here?