There's a minor bug or documentation discrepancy in rsh-server/pam in Mandrake
8.1 - perhaps some one who has authority can submit a bug report or correct
it! ;-)
To review, the comment line in /etc/pam.d/rsh, which says
# For root login to succeed here with pam_securetty, "rsh" must be
# listed in /etc/securetty.
is incorrect. The string 'tty' must be placed in /etc/securetty.
--- Begin Message ---
Ok, I found it. In 'rshd.c', there's this line of code:
pam_set_item (pamh, PAM_TTY, "tty");
This sets the token looked for in /etc/securetty. So the comment in
/etc/pam.d/rsh is wrong - the value needed in /etc/securetty is 'tty',
not 'rsh'.
This works. After adding the string 'tty' at the end of /etc/securetty,
the command 'rsh otherhost ls' works if it's executed by 'root'.
This was with LM 8.1.
> Hi Glenn,
>
> I believe there was an issue with /etc/securetty that prevented rsh from
> working. I'll have to look back at my archives later tonight and see if I
> can find the details - it's been a while!
>
> That is, unless someone else on the list can explain better why rsh is such
> a problem for root under LM8.x?
>
> -----Original Message-----
> From: Glenn Burkhardt
> To: [EMAIL PROTECTED]
> Sent: 11/7/01 11:17 AM
> Subject: [expert] rsh - Permission Denied
>
> I've found your long correspondence about securetty and rsh for root in
> the Mandrake expert archive - did
> you every find a solution other than using ssh?
>
> Thanks.
--- End Message ---