On May 23, 6:16 am, "Brian K. White" wrote:
> ----- Original Message -----
> From: "James_Szabadics"
> Newsgroups: comp.unix.sco.misc
> To:
> Sent: Wednesday, May 23, 2007 4:36 AM
> Subject: rlogin prompting for password between two OSR6 servers
> >I just configured this today. I am only using the root user so the
> > only file i needed to edit was /.rhosts to add the entry for the other
> > server.

> > I made sure there was an A record in the DNS server for both of my new
> > servers and that i could ping the host name from the unix command line
> > on each machine successfully.

> > Funnily enough whenever i tried rlogin i was still prompted for a
> > password. after reading many posts I did an ls-l on .rhosts and found
> > -rw-r--r-- permissions on the .rhosts file

> > I didn't see how having additional read permissions would cause the
> > password prompt but based on my readings and having tried a bunch of
> > other stuff and backed it out again when it didn't work I thought i
> > would give this a go on both boxes:

> > chmod 600 .rhosts

> > -rw------- 1 root sys 45 May 23 16:20 .rhosts

> > All works fine now hope this helps someone else someday. By
> > default .rhosts isnt in the right state to do the seamless rlogin and
> > rcmd and you need to do the chmod 600 on it if you want it to not
> > prompt you for a password.

> By default .rhosts doesn't exist at all.
> By default your umask is 022 so that when you create files their default
> perms are 644, which is fine for most things.
> So when you created .rhosts it came out 644.
> .rhosts is simply not a default case, and needs special perms as do several
> other things.
> All of which is explained in the man page so it's neither broken nor a
> mystery.
> Brian K. White b...@aljex.com http://www.myspace.com/KEYofR
> +++++[>+++[>+++++>+++++++<<-]<-]>>+.>.+++++.+++++++.-.[>+<---]>++.
> filePro BBx Linux SCO FreeBSD #callahans Satriani Filk!

The requirement for .rhosts to be non-world-readable is a security-by-
obscurity feature.

The real mystery is why use that antiquated rcmd mechanism when there
is SSH, which has some actual security.