Path: utzoo!attcan!craig
From: craig@attcan.UUCP (Craig Campbell)
Newsgroups: u3b.misc,comp.sys.att
Subject: Re: Secure TTY on a 3B2
Message-ID: <12695@vpk2.UUCP>
Date: 9 Oct 90 18:55:29 GMT
Reply-To: craig@attcan.UUCP (Craig Campbell)
Organization: AT&T Canada Inc., Toronto
Lines: 28



With regards to being able to access "root" on various systems via a TCP link,
I would like to suggest the following scenario.

WARNING:  This does not require SOURCE CODE or Kernel rebuilds, so those
         who prefer difficult solutions, hit 'n' now. 8-)

First, you must be root on the system you are starting on.  Log in as anyone
and then su.  This is the only su you will require.  Now on any other system
you wish to rlogin to, there must exist an entry for your current system in
both /etc/hosts and /.rhosts.

That's it.  That's all.  Good luck, have fun, etc....


(P.S.  I am not a TCP/IP guru, this is just standard practice.  It will work
      for any user, not just root.  It would appear that rlogin first
      translates your current id to a login name, and then checks on the
      destination host for a) that login name and b) a valid entry in the
      .rhosts file in the home directory of that login.  If the check
      succeeds, then you're in without a login or passwd check.)

craig

Better to remain silent and be thought a fool,
than to open your mouth and remove all doubt.
					- I have no idea.