RH 4.0 / PAM difficulties with .rhosts.

RH 4.0 / PAM difficulties with .rhosts.

Post by Michael K. Johns » Thu, 12 Dec 1996 04:00:00





>>in the /etc/inetd.conf.  Here's the snippet that deals with rlogin from our
>>/etc/pam.conf:

>># rlogin authorization
>>rlogin  auth       required     /lib/security/pam_securetty.so
>>rlogin  auth       required     /lib/security/pam_rhosts_auth.so

>Change that 'required' to 'sufficient' and you'll be on your way.
>(Otherwise, you'd be requiring both rhosts_auth and unix_auth, which is
>obviously not what you want)

>>rlogin  auth       required     /lib/security/pam_unix_auth.so
>>rlogin  account    required     /lib/security/pam_unix_acct.so
>>rlogin  password   required     /lib/security/pam_unix_passwd.so
>>rlogin  session    required     /lib/security/pam_unix_session.so

Two other things to note: all .rhosts files *must* be mode 600, or
they are ignored, and if you want to allow root rlogins, you need
to remove the pam_securetty line.

I hope that's helpful.

michaelkjohnson

"Ever wonder why the SAME PEOPLE make up ALL the * theories?"