I've been told that it isn't as secure to add a userid
and host to a .rhosts or a .shosts file.
Because anyone can connect a machine to your network with any IP
>I've been told that it isn't as secure to add a userid
>and host to a .rhosts or a .shosts file.
Phones: +44 121 471 3789 (home) | PGP-fp: D7 03 2A 4B D8 3A 05 37... | http://wcl-l.bham.ac.uk/~bam/
I'm running RedHat 5.2 with the ssh 1.2.26 rpm from ftp.replay.com. When I
log into the machine as root with the originating account being listed in
~root/.shosts (no .rhosts or /etc/hosts.equiv file exists) I get (verbose
output from the ssh client):
lorenz: Remote: Accepted by .shosts.
lorenz: Received RSA challenge for host key from server.
lorenz: Sending response to host key RSA challenge.
lorenz: Remote: Rhosts with RSA host authentication accepted.
lorenz: Rhosts or /etc/hosts.equiv with RSA host authentication accepted
lorenz: Requesting pty.
Why does it talk of "Rhosts or /etc/hosts.equiv with RSA host
authentication accepted"? Is it PAM saying so?
When terminating the shell opened via ssh (or when the command started by
ssh terminates) the syslog on the destination machine (RH5.2) says:
May 21 14:12:32 poseidon sshd: log: Closing connection to
May 21 14:12:32 poseidon PAM_pwdb: 1 authentication failure; (uid=0) -> root for ssh service
Why that last line? BTW, it causes output from a command executed by ssh to
be suppressed (but that command still gets executed on the target
machine). This also happens when the destination account is not root:
May 21 14:23:05 poseidon PAM_pwdb: 1 authentication failure; (uid=0) -> schwarz for ssh service
It does not, however, occur when using password authentication.
What's at fault here? PAM maybe?
Institut für Theoretische Physik +49 30 314-24254 FAX -21130 IRC kuroi
Technische Universität Berlin http://home.pages.de/~schwarz/