Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Security problems - hosts.equiv & .rhosts

Status
Not open for further replies.
desbo

desbo

IS-IT--Management
Oct 24, 2002
64
GB
Inside out companies secure network I currently have completely open access to our 4 RS6000s around the world with the /etc/hosts.equiv and any $HOME/.rhosts files all having "+ +" as the only entry.

I need to tighten this up urgently but am having trouble getting the security to work reliably.

I am trying to get the new security working between 2 RS6000s both running AIX 5.2. These systems are named in this example rs01 and rs02.
- Both have entries in the /etc/hosts file on both systems.
- rs01 is still set up with "+ +" in all the files.
- rs02 is set up with "rs01" in /etc/hosts.equiv
- as root user on rs01 "rlogin rs02" requires a password
- as adm1 user on rs01 "rlogin rs02" connects without a password on the first attempt. If I logout and do command "rlogin rs02" again it requires a password. If I try again it connects, the next time it requires a password and so on.
- I create a .rhosts file on rs02 in the root user home directory "/" with the value "rs01".
- now the root user on rs01 behaves exactly as described above for user adm1, alternating between connecting and not connecting.

What is going on? I can't get my head around this at all. I have tried all sorts of combinations sometimes using .rhosts files and sometimes not and sometimes a user will connect and sometimes not.

Can anyone offer any assistance as it is driving me mad.

Thanks
 
Sort by date Sort by votes
Hi there,

wouldn't ssh be more comfortable to use and configure ?

Regards
Thomas
 
Upvote 0 Downvote
I know nothing about ssh except it is a secure shell.

Do you know a good place on the web to read up on ssh.

Thanks
 
Upvote 0 Downvote
OpenSSH is your friend here. You should have got a copy on the Linux extras CD that came with your OS CDs. It's a pretty easy install - you'll have to do OpenSSL first but its on the same CD.

Once you have ssh installed then you can set up public/private key logins. This means that configured users can use ssh, scp and sftp across systems without logins.

If you do a search on this forum and the Unix Scripting forum for ssh you'll find lots of pertinant threads. It may take a bit of looking but that's the way to learn.

Ceci n'est pas une signature
Columb Healy
 
Upvote 0 Downvote
Thanks for you advice. I'll do some investigation.
 
Upvote 0 Downvote
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

generaal
  • Locked
  • Question
Samba security
Replies
0
Views
111
generaal
generaal
kenwalters
  • Locked
  • Question
Discrepancy between ulimit command and /etc/security/limits settings.
Replies
1
Views
146
TSch
TSch
shortline
  • Locked
  • Question
AIX security
Replies
1
Views
81
tempest92
tempest92
nmorph
  • Locked
  • Question
HA Problems
Replies
2
Views
101
nmorph
nmorph
tharug
  • Locked
  • Question
/etc/security/user file
Replies
2
Views
161
BAixer
BAixer

Part and Inventory Search

Sponsor

Back
Top