| 1 |
I assume you mean passwordless logins. |
| 2 |
|
| 3 |
my /etc/pam.d/rlogin: |
| 4 |
#%PAM-1.0 |
| 5 |
# For root login to succeed here with pam_securetty, "rlogin" must be |
| 6 |
# listed in /etc/securetty. |
| 7 |
auth required pam_nologin.so |
| 8 |
auth required pam_securetty.so |
| 9 |
auth required pam_env.so |
| 10 |
auth sufficient pam_rhosts_auth.so |
| 11 |
auth include system-auth |
| 12 |
account include system-auth |
| 13 |
password include system-auth |
| 14 |
session include system-auth |
| 15 |
|
| 16 |
My /etc/pam.d/rsh |
| 17 |
#%PAM-1.0 |
| 18 |
# For root login to succeed here with pam_securetty, "rsh" must be |
| 19 |
# listed in /etc/securetty. |
| 20 |
auth required pam_nologin.so |
| 21 |
auth required pam_securetty.so |
| 22 |
auth optional pam_env.so |
| 23 |
|
| 24 |
# Uncomment this and comment the following to use rhosts_auth module |
| 25 |
auth required pam_rhosts_auth.so |
| 26 |
#auth include system-auth |
| 27 |
|
| 28 |
account include system-auth |
| 29 |
session include system-auth |
| 30 |
|
| 31 |
My /etc/pam.d/rexec |
| 32 |
#%PAM-1.0 |
| 33 |
# For root login to succeed here with pam_securetty, "rexec" must be |
| 34 |
# listed in /etc/securetty. |
| 35 |
auth required pam_nologin.so |
| 36 |
auth required pam_securetty.so |
| 37 |
auth optional pam_env.so |
| 38 |
auth required pam_rhosts_auth.so |
| 39 |
auth include system-auth |
| 40 |
account include system-auth |
| 41 |
session include system-auth |
| 42 |
|
| 43 |
|
| 44 |
then add the three protocols to /etc/securetty =) |
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
On May 17, 2006, at 1:54 PM, Jared Greenwald wrote: |
| 52 |
|
| 53 |
> Now the only problem is how do stop pam from blocking rsh access? |
| 54 |
> |
| 55 |
> -Jared |
| 56 |
> |
| 57 |
> On 5/17/06, Brady Catherman <bradyc@××××××.edu> wrote: |
| 58 |
>> There shouldn't be an rsh process running. xinetd starts it when a |
| 59 |
>> user connects. |
| 60 |
>> |
| 61 |
>> The best way to troubleshoot xinetd problems is to start xinetd in |
| 62 |
>> debugging mode. |
| 63 |
>> |
| 64 |
>> xinetd -d |
| 65 |
>> |
| 66 |
>> If you see that the servive started then you can do a netstat -ap and |
| 67 |
>> look for the service name in there (shell/login/exec for rsh/rlogin/ |
| 68 |
>> rexec). Once there you should be good to go =) |
| 69 |
>> |
| 70 |
>> |
| 71 |
>> On May 17, 2006, at 1:35 PM, Jared Greenwald wrote: |
| 72 |
>> |
| 73 |
>> > I'm looking for some help in setting up netkit rsh. |
| 74 |
>> > |
| 75 |
>> > Please no comments about how rsh in unsecure and all that = I know |
| 76 |
>> > that, but I need rsh specifically to hook into a tool that my IT |
| 77 |
>> > department uses for backups. |
| 78 |
>> > |
| 79 |
>> > So, I've got netkit-rsh and xinetd installed. |
| 80 |
>> > |
| 81 |
>> > In the /etc/xinetd.d/rsh file I've changed the following from: |
| 82 |
>> > |
| 83 |
>> > disable yes |
| 84 |
>> > |
| 85 |
>> > to |
| 86 |
>> > |
| 87 |
>> > disable no |
| 88 |
>> > |
| 89 |
>> > Then I restarted xinetd. At this point there is an xinetd process, |
| 90 |
>> > but no rsh (rshd or in.rsh) process running. |
| 91 |
>> > |
| 92 |
>> > A quick look in the log shows that one xinetd service has started: |
| 93 |
>> > |
| 94 |
>> > May 17 13:47:21 neserv-1 xinetd[7141]: xinetd Version 2.3.13 |
| 95 |
>> started |
| 96 |
>> > with libwrap loadavg options compiled in. |
| 97 |
>> > May 17 13:47:21 neserv-1 xinetd[7141]: Started working: 1 available |
| 98 |
>> > service |
| 99 |
>> > |
| 100 |
>> > So, the question is - what am I missing? |
| 101 |
>> > |
| 102 |
>> > Any and all assistance would be greatly appreciated. |
| 103 |
>> > |
| 104 |
>> > Thanks, |
| 105 |
>> > Jared |
| 106 |
>> > |
| 107 |
>> > -- |
| 108 |
>> > gentoo-cluster@g.o mailing list |
| 109 |
>> > |
| 110 |
>> |
| 111 |
>> -- |
| 112 |
>> gentoo-cluster@g.o mailing list |
| 113 |
>> |
| 114 |
>> |
| 115 |
> |
| 116 |
> -- |
| 117 |
> gentoo-cluster@g.o mailing list |
| 118 |
> |
| 119 |
|
| 120 |
-- |
| 121 |
gentoo-cluster@g.o mailing list |
Archives