On May 23, 11:54 pm, ThreeStar wrote:
> On May 23, 6:16 am, "Brian K. White" wrote:
>
>
>
>
>
> > ----- Original Message -----
> > From: "James_Szabadics"

>
> > Newsgroups: comp.unix.sco.misc
> > To:
> > Sent: Wednesday, May 23, 2007 4:36 AM
> > Subject: rlogin prompting for password between two OSR6 servers

>
> > >I just configured this today. I am only using the root user so the
> > > only file i needed to edit was /.rhosts to add the entry for the other
> > > server.

>
> > > I made sure there was an A record in the DNS server for both of my new
> > > servers and that i could ping the host name from the unix command line
> > > on each machine successfully.

>
> > > Funnily enough whenever i tried rlogin i was still prompted for a
> > > password. after reading many posts I did an ls-l on .rhosts and found
> > > -rw-r--r-- permissions on the .rhosts file

>
> > > I didn't see how having additional read permissions would cause the
> > > password prompt but based on my readings and having tried a bunch of
> > > other stuff and backed it out again when it didn't work I thought i
> > > would give this a go on both boxes:

>
> > > chmod 600 .rhosts

>
> > > -rw------- 1 root sys 45 May 23 16:20 .rhosts

>
> > > All works fine now hope this helps someone else someday. By
> > > default .rhosts isnt in the right state to do the seamless rlogin and
> > > rcmd and you need to do the chmod 600 on it if you want it to not
> > > prompt you for a password.

>
> > By default .rhosts doesn't exist at all.
> > By default your umask is 022 so that when you create files their default
> > perms are 644, which is fine for most things.
> > So when you created .rhosts it came out 644.
> > .rhosts is simply not a default case, and needs special perms as do several
> > other things.
> > All of which is explained in the man page so it's neither broken nor a
> > mystery.

>
> > Brian K. White b...@aljex.com http://www.myspace.com/KEYofR
> > +++++[>+++[>+++++>+++++++<<-]<-]>>+.>.+++++.+++++++.-.[>+<---]>++.
> > filePro BBx Linux SCO FreeBSD #callahans Satriani Filk!

>
> The requirement for .rhosts to be non-world-readable is a security-by-
> obscurity feature.
>
> The real mystery is why use that antiquated rcmd mechanism when there
> is SSH, which has some actual security.
>
> --RLR- Hide quoted text -
>
> - Show quoted text -


Hmm probably just my antiquated knowledge doesn't yet extend to ssh
for remote commands.... sounds interesting though I will take a
look. I just tried to re-implement what i was used to on my OSR5.0.6
box that we are using right now that the new system replaces. Comfort
zone to stick with what I know I guess - plenty of other challenges
going on here with major new facilities.

Regards

James