Path: utzoo!attcan!craig
From: craig@attcan.UUCP (Craig Campbell)
Newsgroups: u3b.misc,comp.sys.att
Subject: Re: Secure TTY on a 3B2
Message-ID: <12720@vpk4.UUCP>
Date: 11 Oct 90 15:53:27 GMT
References: <12695@vpk2.UUCP> <1990Oct11.051428.28517@edm.uucp>
Reply-To: craig@vpk4.ATT.COM (Craig Campbell)
Organization: AT&T Canada Inc., Toronto
Lines: 50

In article <1990Oct11.051428.28517@edm.uucp> geoff@edm.uucp (Geoff Coleman) writes:
>From article <12695@vpk2.UUCP>, by craig@attcan.UUCP (Craig Campbell):
>> With regards to being able to access "root" on various systems via a TCP link
>> First, you must be root on the system you are starting on.  Log in as anyone
>> and then su.  This is the only su you will require.  Now on any other system
>> you wish to rlogin to, there must exist an entry for your current system in
>> both /etc/hosts and /.rhosts.

>	The problem with this is called security. If a user finds root
>password on one machine he now has access to root on all machines that have
>the corresponding /.rhosts.

No argument here, the /.rhosts setup is a security risk.  However, the
original request was not for a security analysis, but rather a
"Rats, I can't do this and really want to be able to...".

>Geoff Coleman

>> (P.S. I am not a TCP/IP guru, this is just standard practice.  It will work
                                              ^^^^^^^^
>At what sites?

Standard TCP/IP practice (i.e. the rlogin .rhosts stuff).  Whether a sysop
chooses to use this feature is entirely his/her concern.

>pps. Where's the disclaimer Craig (or are these Ma bell's words)?

Isn't Ma bell an alias for Bell Canada?  How could I possibly be speaking for
Bell Canada?  (Never worked there, although I use their services. 8-))

If you are referring to AT&T Canada, I am not empowered or inclined to speak
for them.  Anyone who believes that a signature, without reference to title or
organization, implies a statement of company opinion or policy, will get the
confusion they deserve (IMHO).

craig

P.S.  Nice to hear from you again!  New net feed, or have you just been quiet
for a while?  You should have answered the rlogin question, not me, since you
have far more TCP/IP experience than I!! :-)

Later Bud!!!

craig
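
The risk raised in the quoted reply above (root on one machine giving root on every machine that lists it in /.rhosts), as an added audit example that is not part of the original post: it takes the contents of root's /.rhosts from each host and computes which hosts root trust extends to, including through chains. The host names and file contents are constructed, and it assumes plain `host [user]` lines, `+` as the any-host wildcard, and `#` for comments.

```python
from collections import deque

# Constructed sample: contents of root's /.rhosts on five hypothetical hosts.
SAMPLE_RHOSTS = {
    "alpha": "",
    "beta": "alpha\n",
    "gamma": "# build server\nbeta operator\n",
    "delta": "\n",
    "epsilon": "+\n",
}

def parse_rhosts(text):
    """Return the host field of every entry in a /.rhosts file ('+' = any host)."""
    hosts = set()
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith("#"):  # assumption: '#' starts a comment
            continue
        # The optional user field is ignored on purpose: root on the trusted
        # host can su to any local user, so it does not narrow the trust.
        hosts.add(fields[0].lower())
    return hosts

def root_reach(rhosts_by_host, start):
    """Hosts where root needs no password once root on `start` is held."""
    trust = {h.lower(): parse_rhosts(t) for h, t in rhosts_by_host.items()}
    seen, queue = {start.lower()}, deque([start.lower()])
    while queue:
        src = queue.popleft()
        for dst, trusted in trust.items():
            if dst not in seen and (src in trusted or "+" in trusted):
                seen.add(dst)
                queue.append(dst)
    return sorted(seen - {start.lower()})

def wildcard_hosts(rhosts_by_host):
    """Hosts whose /.rhosts trusts every remote host."""
    return sorted(h for h, t in rhosts_by_host.items() if "+" in parse_rhosts(t))

if __name__ == "__main__":
    for host in SAMPLE_RHOSTS:
        print(f"root on {host:8} -> root on {root_reach(SAMPLE_RHOSTS, host)}")
    print("wildcard trust:", wildcard_hosts(SAMPLE_RHOSTS))
```

In the sample, gamma never lists alpha, yet root on alpha still reaches gamma through beta; the chained case is the one a per-host review of /.rhosts tends to miss.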