Security problem with .shosts?

Post by Henry Avatar Ch » Thu, 30 Jan 1997 04:00:00



I've been told that it isn't as secure to add a userid
and host to a .rhosts or a .shosts file.
Why?

thx,

Henry



Security problem with .shosts?

Post by B.A.McCau.. » Fri, 31 Jan 1997 04:00:00



> I've been told that it isn't as secure to add a userid
> and host to a .rhosts or a .shosts file.
> Why?

Because anyone can connect a machine to your network with any IP
address they like.

--

 .  _\\__[oo       from       | Phones: +44 121 471 3789 (home)
.  l___\\    /~~) /~~[  /   [ | PGP-fp: D7 03 2A 4B D8 3A 05 37...
 # ll  l\\  ~~~~ ~   ~ ~    ~ | http://wcl-l.bham.ac.uk/~bam/


ssh 1.2.26 + pam + shosts problem on RedHat 5.2

I'm running RedHat 5.2 with the ssh 1.2.26 rpm from ftp.replay.com. When I
log into the machine as root with the originating account being listed in
~root/.shosts (no .rhosts or /etc/hosts.equiv file exists) I get (verbose
output from the ssh client):

...
lorenz: Remote: Accepted by .shosts.
lorenz: Received RSA challenge for host key from server.
lorenz: Sending response to host key RSA challenge.
lorenz: Remote: Rhosts with RSA host authentication accepted.
lorenz: Rhosts or /etc/hosts.equiv with RSA host authentication accepted by server.
lorenz: Requesting pty.
...

Why does it talk of "Rhosts or /etc/hosts.equiv with RSA host
authentication accepted"? Is it PAM saying so?

When terminating the shell opened via ssh (or when the command started by
ssh terminates), the syslog on the destination machine (RH5.2) says:

May 21 14:12:32 poseidon sshd[2675]: log: Closing connection to 130.149.161.54
May 21 14:12:32 poseidon PAM_pwdb[2675]: 1 authentication failure; (uid=0) -> root for ssh service

Why that last line? It BTW causes output from a command executed by ssh to
be suppressed (but still that command gets executed on the target
machine). This also happens when the destination account is not root:

May 21 14:23:05 poseidon PAM_pwdb[2776]: 1 authentication failure; (uid=0) -> schwarz for ssh service

It does, however, not occur when using password authentication.
What's at fault here? PAM maybe?
--

Institut für Theoretische Physik  +49 30 314-24254   FAX -21130  IRC kuroi
Technische Universität Berlin            http://home.pages.de/~schwarz/
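The point of the reply in the first thread (rhosts-style trust is keyed on a source address that anyone on the wire can claim) and the lookup the second post's log shows (.shosts consulted for root, followed by an RSA host-key challenge) can be made concrete with a small evaluator. This is an added example, not code from either post or from ssh/rlogind: the lookup order, the entry syntax, the reverse-DNS table, and every host name, key and address below are constructed assumptions, and netgroups are not modelled. Under plain rhosts trust a peer that merely uses the trusted address is accepted; with the host-key challenge the same peer is refused unless it holds the key on record; a `+ +` entry accepts anyone; and `audit()` flags the entries a reviewer should question.

```python
"""rhosts-style trust evaluator and audit (added example, not from the posts).
Modelling assumptions, not facts stated on the page: files are consulted in the
order given, with /etc/hosts.equiv skipped when the target account is root; an
entry is  host [user]  where '+' is a wildcard and a leading '-' denies (a deny
ends the search of that file only); the peer's name is whatever reverse DNS says
for its source address; with RhostsRSA the claimed host must also present the
host key on record."""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass
class Entry:
    host: str
    user: Optional[str]   # None: remote user name must equal the target account
    deny: bool
    source: str           # "file:line", used in verdicts and audit findings


@dataclass
class Peer:
    ip: str
    host_key: Optional[str] = None   # key presented during the RhostsRSA challenge


def parse_rhosts(text: str, source: str) -> List[Entry]:
    """Parse one hosts.equiv/.rhosts/.shosts file into Entry records."""
    entries = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        if len(fields) > 2:
            raise ValueError(f"{source}:{lineno}: expected 'host [user]', got {raw!r}")
        host = fields[0]
        user = fields[1] if len(fields) == 2 else None
        deny = host.startswith("-") or (user is not None and user.startswith("-"))
        host = host.lstrip("-")
        user = user.lstrip("-") if user is not None else None
        if host.startswith(("@", "+@")) or (user or "").startswith(("@", "+@")):
            raise ValueError(f"{source}:{lineno}: netgroups are not modelled here")
        entries.append(Entry(host.lower(), user, deny, f"{source}:{lineno}"))
    return entries


def entry_verdict(e: Entry, peer_host: str, remote_user: str, local_user: str) -> Optional[bool]:
    """True/False if the entry decides this request, None if it does not apply."""
    if e.host != "+" and e.host != peer_host.lower():
        return None
    wanted = local_user if e.user is None else e.user
    if wanted != "+" and wanted != remote_user:
        return None
    return not e.deny


def evaluate(files: List[Tuple[str, str]], peer: Peer, remote_user: str, local_user: str,
             reverse_dns: Dict[str, str],
             known_host_keys: Optional[Dict[str, str]] = None) -> Tuple[bool, str]:
    """Decide whether remote_user@peer may log in as local_user, and say why."""
    peer_host = reverse_dns.get(peer.ip, peer.ip)   # the only identity plain rhosts has
    if known_host_keys is not None:                 # RhostsRSA: address alone is not enough
        if peer.host_key is None or known_host_keys.get(peer_host) != peer.host_key:
            return False, f"host key for {peer_host} not verified"
    denied_by = None
    for name, text in files:
        if name == "/etc/hosts.equiv" and local_user == "root":
            continue
        for e in parse_rhosts(text, name):
            verdict = entry_verdict(e, peer_host, remote_user, local_user)
            if verdict is True:
                return True, f"accepted by {e.source}"
            if verdict is False:
                denied_by = e.source
                break   # a deny ends the search of this file only
    return False, (f"denied by {denied_by}" if denied_by else "no matching entry")


def audit(files: List[Tuple[str, str]]) -> List[Tuple[str, str]]:
    """Flag allow entries a reviewer should question."""
    findings = []
    for name, text in files:
        for e in parse_rhosts(text, name):
            if e.deny:
                continue
            if e.host == "+":
                findings.append((e.source, "any host trusted ('+')"))
            if e.user == "+":
                findings.append((e.source, "any remote user trusted ('+')"))
            if e.user not in (None, "+") and name.endswith("hosts.equiv"):
                findings.append((e.source, f"user {e.user!r} may log in as any non-root account"))
    return findings


# Constructed sample data; the host name and address echo the posted log, the key is made up.
ROOT_FILES = [("/etc/hosts.equiv", "lorenz\n"),
              ("~root/.shosts", "lorenz\n+ +   # 'temporary', never removed\n")]
REVERSE_DNS = {"130.149.161.54": "lorenz"}
HOST_KEYS = {"lorenz": "ssh-rsa AAAAB3...lorenz"}


def demo() -> Dict[str, object]:
    same_ip = Peer("130.149.161.54")                                  # any box using that address
    spoofer = Peer("130.149.161.54", host_key="ssh-rsa AAAAB3...spoofer")
    genuine = Peer("130.149.161.54", host_key=HOST_KEYS["lorenz"])
    return {
        "plain rhosts, spoofed address": evaluate(ROOT_FILES, same_ip, "root", "root", REVERSE_DNS),
        "RhostsRSA, spoofed address": evaluate(ROOT_FILES, spoofer, "root", "root", REVERSE_DNS, HOST_KEYS),
        "RhostsRSA, genuine host": evaluate(ROOT_FILES, genuine, "root", "root", REVERSE_DNS, HOST_KEYS),
        "stranger via '+ +'": evaluate(ROOT_FILES, Peer("10.9.8.7"), "mallory", "root", REVERSE_DNS),
        "audit": audit(ROOT_FILES),
    }


if __name__ == "__main__":
    for label, result in demo().items():
        print(f"{label}: {result}")
```

Running it shows the spoofed-address peer accepted by `~root/.shosts:1` under plain rhosts and refused under the host-key check, the stranger accepted by the `+ +` line, and that line flagged twice by the audit. The host-key step is the sole difference between the two spoofed cases, which is why the posted log's "RSA challenge for host key" matters more than the file that granted access.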
