wyatt@cfa.HARVARD.EDU (Bill Wyatt,OIR) (09/10/90)
[...] |>>Since I use X on several machines at once, I have a script run at |>>login time to rlogin to those few machines I always use. My .login on |>>those remote machines copies a files into .rhosts. I also have a `log' |>>command aliased to set an environment variable before logging out so I |>>can log out but not have the .logout script kill the .rhosts file. |> So you type your password several times (ie one per machine) to |> gain access to all of the other machines?? |> If you are woried about wire security, then here you are sending your |> unencrypted password across the network several times. If you are only |> woried about others faking host addresses, well, mabye. But is it |> really worth the added inconvinence? I would not be suprised to find |> scripts that "Do this automagically" from one or more people. [...] Yes, I do indeed type my password several times (actually, usually twice other than the initial login). Each password is different, of course. Note that I believe it is perfectly OK to write passwords down as long as you keep them in your wallet, NOT!!! on the terminal or in your desk. No, I am not worried at all about wire security. I concede that this would be bad in that case. Yes, it is worth the (really very minor) inconvenience. We had a real case last spring where someone walked all over us partly because of our free use of .rhosts files. Fortunately, no lasting damage (other than many $1000's of our time) was done. The extra minute spent in the morning is small potatoes. Bill Wyatt, Smithsonian Astrophysical Observatory (Cambridge, MA, USA) UUCP : {husc6,cmcl2,mit-eddie}!harvard!cfa!wyatt Internet: wyatt@cfa.harvard.edu SPAN: cfa::wyatt BITNET: wyatt@cfa