Xref: utzoo comp.unix.shell:751 alt.sys.sun:1837 alt.security:1707 Path: utzoo!attcan!uunet!zaphod.mps.ohio-state.edu!mips!pacbell.com!att!cbnewse!danj1 From: Dan_Jacobson@ATT.COM Newsgroups: comp.unix.shell,alt.sys.sun,alt.security Subject: Re: ~/.rhosts: put my username in there too? Message-ID: Date: 28 Oct 90 22:08:12 GMT References: <1990Oct28.074642.6337@cbnewse.att.com> Sender: danj1@cbnewse.att.com (Dan Jacobson) Reply-To: danj1@ihlpa.att.com Organization: AT&T-BL, Naperville IL, USA Lines: 32 In-Reply-To: Dan_Jacobson@ATT.COM's message of Sun, 28 Oct 90 07:46:42 GMT >>>>> On Sun, 28 Oct 90 21:54:13 +0100, birger@eik.ii.uib.no said: birger> I'm unable to post, so i mail you an answer to your question. birger> If you know that your user-number (uid) is the same on all birger> hosts (e.g. use of YP/NIS or other way of sharing passwd file) birger> then you don't need your username in the file. birger> if user foo is user number 200 on host alpha, 300 on host birger> beta, a .rhosts file on beta saying just "alpha" won't be good birger> enough for foo to rlogin, even if he uses "rlogin beta -l birger> foo". [hmm, mine seems to map on usernames, not id's] birger> If user bar on alpha is user 200, then bar would be able to birger> say "rlogin beta" and get logged in as foo. [you mean 300[?], Mine still maps on usernames.] birger> The morale is: If the passwd list is distributed (e.g. you birger> don't need -l option for rlogin) then just hostname is secure. birger> -- birger> ____ ____ ____ ____ ____ birger@ii.uib.no birger> / / / / / / / / / / birger> / / / / / / / / / / Birger A. Wathne birger> /--- / /--- / __ /--- /--- Blekenberg 14 birger> / / / / / / / / / / N-5037 SOLHEIMSVIK birger> /____/ / / / /____/ /____ / / tlf: +47-5-20 00 62 -- Dan_Jacobson@ATT.COM Naperville IL USA +1 708-979-6364