ronniek@cs.tamu.edu (Ronnie Killough) (03/24/90)
I want to be able to rlogin, as root, to any of our NeXT machines, without specifying a password. On our normal Unix machines, we just place the hostname of the 'administation' machine in each machine's /.rhosts file. When I try this on the NeXT, and rlogin as root, it says Login incorrect Connection closed. Does anyone know why? Ronnie Killough ronniek@cssun.tamu.edu
mic@ut-emx.UUCP (Mic Kaczmarczik) (03/24/90)
In article <4650@helios.TAMU.EDU> ronniek@cs.tamu.edu (Ronnie Killough) writes: >I want to be able to rlogin, as root, to any of our >NeXT machines, without specifying a password. On our >normal Unix machines, we just place the hostname of >the 'administation' machine in each machine's /.rhosts >file. > >When I try this on the NeXT, and rlogin as root, it >says > Login incorrect > Connection closed. > >Does anyone know why? The 4.3 BSD init and login programs assume by default that terminals are ``insecure'', and don't allow root to log into such a terminal for security reasons. You have to explicitly tell init that a terminal (e.g. the console) is safe for root to log into. On the cube, only the system console and the two serial ports are secure by default. To change this, modify /etc/ttys so lines that look like ttyp0 none network instead look like ttyp0 none network secure Just a reminder, the more convenient you make it for a remote system administrator to log into a machine, the more convenient you make it for people to break into it. An alternative here would be to ``su'' after logging into the machine as a normal user, and leave the pseudo- terminals insecure. -- Mic Kaczmarczik mic@emx.utexas.edu (Internet) Unix/VMS/Cyber Services mic@utaivc (BITNET) UT Austin Computation Center ...!cs.utexas.edu!ut-emx!mic (UUCP) COM 1 / UT Austin / Austin, TX 78712 ``Good tea. Nice house.'' -- Worf Please direct consulting questions to gripe@{emx,ix2,ccwf,iv1} as appropriate.