[buug] rlogin
Rick Moen
rick at linuxmafia.com
Fri Nov 22 13:22:03 PST 2002
Quoting John Landahl (john at landahl.org):
> It's not that it's not recommended, it's more that it SHOULD SIMPLY NEVER BE
> USED. In previous sysadmin jobs we used to seek and destroy .rlogin and
> hosts.equiv files as a matter of policy.
Isn't it simpler just to make sure rshd and rlogind are disabled?
> With the existence of OpenSSH there's just no reason for these commands to
> exist anymore. Aaron mentioned ssh-agent: this standard SSH command makes
> ssh as easy to use as rlogin, but far *far* more secure.
>
> Remember, not only is rlogin insecure for authentication purposes....
Oddly, enough, most implementations have a Kerberos option. Not that
that is sufficient, but I thought I'd just mention it.
--
Cheers, "Azathoth need not be present to win."
Rick Moen -- Charles O. Baucum, Jr.
rick at linuxmafia.com
More information about the buug
mailing list