HPE Community
Operating System - HP-UX
1833934 Members
2235 Online
110063 Solutions
New Discussion

Re: rlogin and security

 
Richard_115
Frequent Advisor

‎01-04-2002 10:34 AM

‎01-04-2002 10:34 AM

rlogin and security

I have an issue. I want to write a script that I can traverse or rlogin to several systems and perform administrative tasks. But the hurdle is that these systems are having high security turned on i.e no .rhosts file and also CONSOLE on /etc/securetty. Can I be able to, say, have a script running from one machine onto several machines, turn off security, perform some administrative work, turn security features back on again and exit ???? In a sense, I have the script, but I can't figure out how I can bypass this security features. Don't get me wrong, these are my systems and I have high secirity turned on. But it becomes time consuming to telnet onto each system each morning for admin work.

Thanks
0 Kudos
Reply
6 REPLIES 6
Sanjay_6
Honored Contributor

‎01-04-2002 10:38 AM

‎01-04-2002 10:38 AM

Re: rlogin and security

Hi Richard,

Don't think something like that is possible.

Thanks
0 Kudos
Reply
Jeff Machols
Esteemed Contributor

‎01-04-2002 10:41 AM

‎01-04-2002 10:41 AM

Re: rlogin and security

One option would be to have a daemon running on these machines. They could look for a certain file to exists (/etc/nosec). If the daemon saw the file you could turn off the security. To create the files, you could have a ftp script set up to put this file on all the systems. You would just have to run the ftp script, then the security would be off. You could do the same thing to re-enable security.
0 Kudos
Reply
Helen French
Honored Contributor

‎01-04-2002 10:42 AM

‎01-04-2002 10:42 AM

Re: rlogin and security

Hi Richard,

I don't think it is possible to do this. You may have to look in to the security procedures. Reduce the securtiy level of your remote systems and try performing your jobs.

HTH,
Shiju
Life is a promise, fulfill it!
0 Kudos
Reply
Darrell Allen
Honored Contributor

‎01-04-2002 10:47 AM

‎01-04-2002 10:47 AM

Re: rlogin and security

Hi Richard,

If the systems are securely locked down, you can't get in to do what you want but you can look into alternative solutions to your issue. I strongly suggest ssh. Anything you could do with the "r" utilities can be done with ssh and much more securely.

That's what we did at my last job with the blessings of the security dept. I strongly advise against "turning off security" for any time to be able to run any tasks, administrative or otherwise.

Darrell
"What, Me Worry?" - Alfred E. Neuman (Mad Magazine)
0 Kudos
Reply
Craig Rants
Honored Contributor

‎01-04-2002 10:51 AM

‎01-04-2002 10:51 AM

Re: rlogin and security

Why don't you look at using ssh. You can use key encryption trusts on the box, make it seem like you at "improving" security by having all your work traverse the network encrypted, and you don't have to worry about turning on/off the security already in place to get your remote work done. I have that type of function setup in my envionment and it works great.

GL,
C
"In theory, there is no difference between theory and practice. But, in practice, there is. " Jan L.A. van de Snepscheut
0 Kudos
Reply
fg_1
Trusted Contributor

‎01-04-2002 11:04 AM

‎01-04-2002 11:04 AM

Re: rlogin and security

Richard

ssh is the best option youre going to find since you have a high level of security turned on with respect to /etc/securetty and other functions locked down.

ssh is quite friendly and capable of handling some of what you want to do.

BTW what kind of daily task are you doing, and is it something that can be scripted and run in cron for a certain point in time and then have the results emailed to you using the root mail?
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.