topic Re: rlogin in Operating System - Linux

rlogin

Fadia Almarei — Mon, 19 Apr 2004 02:03:42 GMT

how to configure my linux 9 server be rlogin from another server without puting password ,(is there is .rhosts file for the system) and how can i telnet in to my system with the password of the root

Re: rlogin

Stuart Browne — Mon, 19 Apr 2004 02:09:24 GMT

Telnet to the server (especially for root) is such a bad idea.

Yes, '.rhosts' exists, and work int he same manner as most other Unix varients (in user home-directory, 600 permissions).

To 'rlogin' as root however, you will have to bypass some of the default security however.

The eastiest way is to modify '/etc/securetty', and put the keyword 'rsh' on a line by it's self.

This should allow root rlogin's. You'll also need to enable the 'rlogin' and 'rsh' services (chkconfig rlogin on; chkconfig rsh on).

Personally, I'd start by looking into using 'ssh' instead. It's far more secure for these sorts of things.

Re: rlogin

Fadia Almarei — Mon, 19 Apr 2004 02:25:48 GMT

but i did not found the file i creat one put also the rlogin does not work without password

Re: rlogin

Stuart Browne — Mon, 19 Apr 2004 02:31:15 GMT

Correct, the file won't exist by default.

So you create it in '~user/.rhosts', make sure it has only user-RW permissions (chmod 600 ~user/.rhosts). Within the '.rhosts' file you have the machine name, or IP addres, of the machine you are coming from. This name has to be the same as what your machine resolves it as! Watching the errors in your log files help.

If it's the 'root' user you are trying to 'rlogin' with, then you need to add 'rsh' to '/etc/securetty'. If it's any other user, then it doesn't matter.

Re: rlogin

Fadia Almarei — Mon, 19 Apr 2004 02:35:06 GMT

what should i add to the /etc/securetty file, please but for me the steps

Re: rlogin

Fadia Almarei — Mon, 19 Apr 2004 03:56:01 GMT

thanks for help , i do all things , i add the server in the /root/.rhosts file and the server to the /etc/hosts , but when i do rlogin or rsh they need from me to put a password, and even when i do remote backup it will give me that permission denied that it can notlogin as root

Re: rlogin

Roberto Polli — Mon, 19 Apr 2004 03:59:07 GMT

Hi fadia,
rh8 uses pam for authenticatin users, so all you need is to check the /etc/pam.d/rlogin file ; it specifies all the steps linux do after granting you access.

An rlogin file working with .rhosts is the following:
#%PAM-1.0
# For root login to succeed here with pam_securetty, "rlogin" must be
# listed in /etc/securetty.
auth required /lib/security/pam_nologin.so
auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_env.so
auth sufficient /lib/security/pam_rhosts_auth.so
auth required /lib/security/pam_stack.so service=system-auth
account required /lib/security/pam_stack.so service=system-auth
password required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_stack.so service=system-auth

First of all, add rlogin in /etc/securetty with
#echo rlogin >> /etc/securetty;
(recommend the double '>>' )
then change your /etc/pam.d/rlogin file like the one above.

Then it should work.

To keep your box safe i strongly recommend to you to read carefully the PAM documentation. It's essential for managing your machine.

Any comments about the rlogin file are welcome!

Peace, Rob

Re: rlogin

Fadia Almarei — Mon, 19 Apr 2004 05:28:27 GMT

thanks alot for all , it was really big problem for me