HPE Community
Operating System - HP-UX
1845746 Members
4248 Online
110249 Solutions
New Discussion

rlogin

 
SOLVED
Go to solution
Emilio Brusa
Frequent Advisor

‎02-12-2004 05:19 AM

‎02-12-2004 05:19 AM

rlogin

Hi
some one can tell me how can i disabled the rlogin services in mi hpux.

thakx
0 Kudos
Reply
6 REPLIES 6
Steven E. Protter
Exalted Contributor

‎02-12-2004 05:23 AM

‎02-12-2004 05:23 AM

Solution

Re: rlogin

vi /etc/inetd.conf

comment out any protocol that starts with an r

rm .rhosts files on the machine


set up /etc/hosts.equiv to prevent logins from all machines, deny all

vi /var/adm/inetd.sec and deny all rlogin protocols

inetd -c

To reload the Internet Services Daemon.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Reply
Uday_S_Ankolekar
Honored Contributor

‎02-12-2004 05:27 AM

‎02-12-2004 05:27 AM

Re: rlogin

comment out rlogin from /etc/inetd.conf
and restart inetd daemon by inetd -c.

Also remove .rhosts and hosts.equiv from users home and /etc directory.

Insted of "r" commands use ssh it's more secured and encrypted.

ssh can be used for scp, sftp etc.

ssh is available here for free:

http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=T1471AA

-USA..
Good Luck..
Reply
Emilio Brusa
Frequent Advisor

‎02-12-2004 05:42 AM

‎02-12-2004 05:42 AM

Re: rlogin

in inetd.conf is the line
login stream tcp nowait root /usr/lbin/rlogind rlogind

isn it ?

thanks
0 Kudos
Reply
Ed Sampson
Frequent Advisor

‎02-12-2004 06:23 AM

‎02-12-2004 06:23 AM

Re: rlogin

You should also disable the remshd and rexecd commands. The full line looks something like this in the default inetd.conf file:
shell stream tcp nowait root /usr/lbin/remshd remshd
exec stream tcp nowait root /usr/lbin/rexecd rexecd

I would suggest that before you turn these off on a production system that you try to identify who is using them, or at least let people know that you are going to do it.

You can turn on logging on the inetd daemon with the -l option. It doesn't show who is using them, but it does show from what systems or workstations. The entries show up in syslog.
good luck.
Reply
Emilio Brusa
Frequent Advisor

‎02-13-2004 05:14 AM

‎02-13-2004 05:14 AM

Re: rlogin

Ed.

For what reasons I disable shell and exec.
Sorry but idont know they used.

E.
0 Kudos
Reply
Sridhar Bhaskarla
Honored Contributor

‎02-13-2004 05:29 AM

‎02-13-2004 05:29 AM

Re: rlogin

Hi,

R-commands include rlogin, remsh and rexec.

rlogind (login service) services rlogin connections.
remshd (shell service) services remsh connections.
rexecd (exec service) services rexec connections.

So, if you want to turn off all these services, you will need to turn off shell and exec also along with login.

If you are only interested in "rlogin", then 'login' alone is sufficient.

-Sri
You may be disappointed if you fail, but you are doomed if you don't try
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.