Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!wuarchive!usc!apple!agate!shelby!rutgers!dimacs.rutgers.edu!bcm!soma!concurrent-request
From: hugh@slee01.srl.ford.com (Hugh Fader)
Newsgroups: comp.sys.concurrent
Subject: RTU 5.0 equivalent host mechanism FUBAR
Message-ID: <3104@gazette.bcm.tmc.edu>
Date: 7 Dec 90 00:19:10 GMT
Sender: usenet@bcm.tmc.edu
Lines: 32
Approved: concurrent@soma.neusc.bcm.tmc.edu
Nntp-Posting-Host: cortex.neusc.bcm.tmc.edu

I have the privilege of configuring a new Concurrent 5450 running RTU
5.0 and have run into trouble with the network software. Apparently
Concurrent has decided for this new release that the method for
validating equivalent hosts used in the past is no longer secure
enough. Their customer support people inform me that the format of the
.rhosts, and hosts.equiv files has changed. The files now require both
host and username, eg.:

hostname	username

According to the online documentatation, either username or hostname
may now be replaced by a wildcard asterisk. In practice, all I have
been able to make work is:

*	username

This implies that a user with username from any host may log into
this account without a password -- not very secure. 

Also, the support people *think* (and I can confirm) that the
equivalence mechanism no longer works for superuser. Remote
dumps and that sort of thing can no longer be done as root.

The only workaround I have found is to copy an older version
of rloginserver over the new version. Anyone else have a better
solution?

Thanks in advance.

Articles to: concurrent@soma.bcm.tmc.edu or uunet!soma.bcm.tmc.edu!concurrent
Administrative stuff: concurrent-request@soma.bcm.tmc.edu
Stan Barber, Moderator