Yes, that helps. It underscores how inadequate the pam man page is. Looking through the online (web accessible) man pages for pam is...
(you'd have to read them to get the joke).
Brian Brunner brian.t.brunner@xxxxxxxxxxxxxxx (610)796-5838
On Thu, Jan 15, 2004 at 02:15:18PM -0500, Brian T. Brunner wrote:nalin@xxxxxxxxxx 01/16/04 03:37PM >>>
Embedded application, runs as root, no local users,
Information needed: what files & settings therein prevent
root-to-root rcp.
Modify /etc/hosts.equiv or the target system's superuser's ~/.rhosts file to list the client server and user. Modify /etc/pam.d/rsh, adding "promiscuous" to the set of options passed to the pam_rhosts_auth.so module. Add "rsh" to the list of ttys in /etc/securetty. [1] Enable the server by running "chkconfig rsh on". Adjust any firewall the server has.
HTH,
Nalin
[1] The rsh server doesn't allocate a tty because the protocol doesn't use one, so it sets the tty to "rsh" for pam_securetty's benefit.
You should consider SSH, scp, instead.
-- Shrike-list mailing list Shrike-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/shrike-list
