Date:      Mon, 09 Oct 2017 12:14:26 -0700
From:      Cy Schubert <Cy.Schubert@komquats.com>
To:        "Julian H. Stacey" <jhs@berklix.com>
Cc:        freebsd-arch@freebsd.org
Subject:   pam_rhosts (was: Re: rtools were deemed almost unused 15 years  ago...)
Message-ID:  <201710091914.v99JEQTw082402@slippy.cwsent.com>
In-Reply-To: Message from "Julian H. Stacey" <jhs@berklix.com> of "Wed, 04 Oct 2017 12:35:03 +0200." <201710041035.v94AZ4JM095529@fire.js.berklix.net>

In message <201710041035.v94AZ4JM095529@fire.js.berklix.net>, "Julian H. Stacey" writes:
> > Have you picked up the recent changes to the code in your port?
> > 
> > ----- Jeremie Le Hen's Original Message -----
> > > I've slacked a bit but here we are:
> > > https://reviews.freebsd.org/D12573
> > >
> > > On Sat, Jul 1, 2017 at 12:08 PM, Jeremie Le Hen <jlh@freebsd.org> wrote:
> > > > On Sat, Jun 24, 2017 at 10:29 PM, Jeremie Le Hen <jlh@freebsd.org> wrote:
> > > >> So the first step was to create a port with FreeBSD rcmds, here we
> > > >> are!  But I need some eyes to vet it:
> > > >> https://reviews.freebsd.org/D11345
> > > >
> > > > The port has been submitted and RCMDS are disabled by default from the
> > > > base system.
> > > >
> > > > See you in a month for the removal!
> 
> 
> NO ! It's maddening, code vandals periodically wanting to delete working code
> & pontificating what others globally should be denied, & forced to do & not do.
> 
> One example why FreeBSD should not delete rlogin & telnet etc
>   3 days ago, a host with broken sshd (bad shared libs version
>   number), was rescued by ssh to trusted parent host, then rlogin
>   from that parent host to underlying jail.
> 
> 3rd party code vandals are Not fit to decide what code should be
> denied globally in other peoples' environments. By all means leave off by
> default in /etc/inetd.conf as now, but do Not Vandal Delete !
> 
> BSD is not Microsoft replete with masses of clueless users.  BSD
> includes skilled users who may wish to make their own risk assessments,
> without interference.

Ahh but there are masses of clueless UNIX, Linux, and BSD users. I deal with 
these people on a daily basis at $JOB (to them it's %JOB). They're 
developers, mostly Java developers but others too, who only understand 
Microsoft, and that just barely if even that. Worse is the approval they 
have for sudo privileges. It's scary. Protecting users from themselves is 
the right thing to do.

Part of the issue with rcmds is they don't support encryption, which is why 
MIT created kerberized versions of the same utilities. Removing rcmds 
solves half the problem. The other is rhosts, implemented by pam_rhosts. 
Why in the world do we still allow IP address based authentication? (I 
suppose it's OK on a local home network with one or two family members as 
users.) Seriously, rhosts is the major reason why rcmds is insecure.

It was pointed out that pam_rhosts is still used by sshd. I think that's 
asking for trouble. It's time to discard the rhosts baggage. It's insecure 
and why ssh keys were developed in the first place. rhosts should be 
deprecated and removed prior to 13.

P.S. This is one issue. There are two others I'd raise here but let's focus 
on this one first.


-- 
Cheers,
Cy Schubert <Cy.Schubert@cschubert.com>
FreeBSD UNIX:  <cy@FreeBSD.org>   Web:  http://www.FreeBSD.org

	The need of the many outweighs the greed of the few.




