dietrich@cernvax.UUCP (Dietrich Wiegandt) (01/12/88)
Ultrix 2.0 contains this very nice feature called RIS, which allows you to install Ultrix systems on a remote 'client' machines from a 'server' machine over Ethernet. To protect against misuse, any modification of the setup on the server requires a) that you invoke the 'ris' command being super-user b) that you type in the super-user password on request by ris. Now here comes the glitch: Ris apparently memorizes the -hopefully- encrypted super-user password typed in at ris installation time. However, as you all know, it is good practice to change the super-user password from time to time. This unfortunately makes 'ris' unusable, because when ris requests the super-user password and you type in the valid one, it returns you to the su-prompt without delay, i.e. it exits silently. When you type in any other password, including the one that was valid at installation time, it acknowledges your attempt with "Sorry\n" before exiting. The only way we were able to add a new client machine for ris services was to temporarily reinstall the super-user password which was valid at ris installation time. This procedure seems to be a bit awkward, taking into account that a modification of the root password can only be done on a secure terminal, which in many cases is only the system console. In our case, this console is in a separate building in an access-protected computer centre. So far our local DEC software support, who has been quite helpful on other occasions, has remained silent. Any solutions out there, netlanders? Are you listening, DEC? Dietrich Wiegandt CERN DD-Division CH-1211 Geneva, Switzerland ..!uunet!mcvax!cernvax!dietrich dietrich@cernvax.bitnet
dietrich@cernvax.UUCP (Dietrich Wiegandt) (01/19/88)
Apologies. I realized when I got mail from Fred Avolio at DEC (thank you, Fred) that he could not reproduce the problem that our root password was the culprit. It contained a Ctrl-C and hence RIS exited when the password was typed in. Moral: a) Think twice (at least) before you post an article describing your problem b) Beware of control characters in passwords, at least of those that can be interpreted in some way. Dietrich Wiegandt CERN DD-Division CH-1211 Geneva 23, Switzerland