Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!sdd.hp.com!wuarchive!mit-eddie!uw-beaver!ubc-cs!alberta!myrias!edm!geoff
From: geoff@edm.uucp (Geoff Coleman)
Newsgroups: u3b.misc,comp.sys.att
Subject: Re: Secure TTY on a 3B2
Message-ID: <1990Oct11.051428.28517@edm.uucp>
Date: 11 Oct 90 05:14:28 GMT
References: <12695@vpk2.UUCP>
Organization: Unexsys Systems inc.
Lines: 35

From article <12695@vpk2.UUCP>, by craig@attcan.UUCP (Craig Campbell):
> 
> 
> With regards to being able to access "root" on various systems via a TCP link,
> I would like to suggest the following scenario.
> 
> WARNING:  This does not require SOURCE CODE or Kernel rebuilds, so those
>          who prefer difficult solutions, hit 'n' now. 8-)
> 
> First, you must be root on the system you are starting on.  Log in as anyone
> and then su.  This is the only su you will require.  Now on any other system
> you wish to rlogin to, there must exist an entry for your current system in
> both /etc/hosts and /.rhosts.

	The problem with this is called security. If a user finds root
password on one machines he now has access to root on all machines that have
the corresponding /.rhosts. 


	At least with the 386 Unix you can get rid of the console only root 
login by editing /etc/defaults/login.


Geoff Coleman

> (P.S.  I am not a TCP/IP guru, this is just standard practice.  It will work
						^^^^^^^^
At what sites?


> Better to remain silent and be thought a fool,
> than to open your mouth and remove all doubt.
> 					- I have no idea.

pps. Where's the disclaimer Craig (or are these Ma bell's words)?