How do you allow root to rsh/rcp/rlogin/etc?

How do you allow root to rsh/rcp/rlogin/etc?

Post by Doug Siebe » Fri, 23 Apr 1993 09:25:54



Solaris ships much more secure than SunOS by default.  This is a good thing.
However, it is very much a pain for our purposes that root cannot use rlogin
or rsh or rcp to access a Solaris machine.  This is probably in the Answerbook
CDROM, but we keep bugging our rep for it and he never seems to get around to
providing one for us....*sigh*  Anyway, I checked to see if the ways I know
from other Unixes would help here, but it doesn't help, I can't seem to make
non-console logins 'secure'.  Any help out there?

--
/-----------------------------------------------------------------------------\
| Doug Siebert                             | "I don't have to take this abuse |


|     ICBM:  41d 39m 55s N, 91d 30m 43s W  |  me!"  Bill Murray, Ghostbusters |
\-----------------------------------------------------------------------------/

 
 
 

How do you allow root to rsh/rcp/rlogin/etc?

Post by Win E. Strickla » Fri, 23 Apr 1993 23:45:59



>Solaris ships much more secure than SunOS by default.  This is a good thing.
>However, it is very much a pain for our purposes that root cannot use rlogin
>or rsh or rcp to access a Solaris machine.  This is probably in the Answerbook
>CDROM, but we keep bugging our rep for it and he never seems to get around to
>providing one for us....*sigh*  Anyway, I checked to see if the ways I know
>from other Unixes would help here, but it doesn't help, I can't seem to make
>non-console logins 'secure'.  Any help out there?

From the FAQ:

Why can't I rlogin/telnet in as root?

        >... when I try to rlogin as root ...
        >it gives me the message "Not on system console
        >Connection closed.".  What have I left out?

        Solaris 2 comes out of the box a heck of a lot more secure than
        Solaris 1.  There is no '+' in the hosts.equiv.  root logins are not
        allowed anywhere except the console.  All accounts require passwords.
        In order to allow root logins over the net, you need to edit the
        /etc/default/login file and comment out or otherwise change the
        CONSOLE= line.

To amplify, in /etc/default/login CONSOLE can be used in a variety of ways:

        1) CONSOLE=/dev/console (default) - direct root logins only on console
        2) CONSOLE= - direct root logins disallowed everywhere
        3) #CONSOLE (or delete the line) - root logins allowed everywhere

Win
--
| Win Strickland                      | Director, Educational Services      |

| Voice: +1-404-956-7400              | Suite LL150 - 1300 Parkwood Circle  |
| Fax:   +1-404-956-7280  Go Jackets! | Atlanta, GA  30339  USA             |

 
 
 

How do you allow root to rsh/rcp/rlogin/etc?

Post by Jan Wortelbo » Sat, 24 Apr 1993 22:06:23



>Solaris ships much more secure than SunOS by default.  This is a good thing.
>However, it is very much a pain for our purposes that root cannot use rlogin
>or rsh or rcp to access a Solaris machine.  This is probably in the Answerbook
>CDROM, but we keep bugging our rep for it and he never seems to get around to
>providing one for us....*sigh*  Anyway, I checked to see if the ways I know
>from other Unixes would help here, but it doesn't help, I can't seem to make
>non-console logins 'secure'.  Any help out there?

For rlogin Comment out/in the line in /etc/default/login
CONSOLE=/dev/console -> #CONSOLE=/dev/console

For the rest put host in /etc/hosts.equiv and "host root" in /.rhosts

Jan.
--
Jan Wortelboer,  University of Amsterdam

Unix             Kruislaan 403 Kamer F003     Phone: +31 20 525 7501
systems manager  1098 SJ AMSTERDAM            Fax  : +31 20 525 7490

 
 
 

How do you allow root to rsh/rcp/rlogin/etc?

Post by Rob Kroeg » Mon, 26 Apr 1993 05:10:11


You need to edit the /etc/default/passwd file.  Comment out the
CONSOLE=/dev/console entry so it looks like so:


#TIMEZONE=EST5EDT
HZ=100
#ULIMIT=4096
#CONSOLE=/dev/console
PASSREQ=YES
ALTSHELL=YES

Rob Kroeger
CGL
University of Waterloo

 
 
 

1. Any way to allow root rsh/rlogin in RH6.0??

Hello,

        I have a few boxes on a private network for running some batch jobs
where security is not a concern. Is there a way to allow root access via
telnet, rsh and rlogin?

        I have tried modifying files in /etc/pam.d as well as /etc/securettys
and creating a .rhosts file in /root and nothing seems to work. I know this is
absurd from a security standpoint but the boxes are on their own lan.

Thanks,

Will

2. File Sharing, Gnutella kind on Linux PPC

3. Why don't rsh/rlogin/rcp ever timeout?

4. Need help compiling fvwm2

5. Rsh/rlogin/rcp on FreeBSD 4.3.

6. Using gdb with Linux Elf shared object libraries

7. Secure RSH, RCP, RLOGIN and friends

8. [v850] Remove v850 dependency on NR_syscalls

9. rlogin/rsh/rcp slow between linux machines on multi platform network

10. rlogin, rcp - rsh Not Working, Please Help

11. rsh, rcp, rlogin and error messages

12. inet services +rcp +rlogin +rsh

13. Can't use any r commands out of host (rlogin,rsh,rcp)