Date: Fri, 13 Oct 2000 16:24:32 -0400 (EDT) From: Vivek Khera <khera@kciLink.com> To: stable@freebsd.org Subject: turning off rcmd is premature Message-ID: <14823.28544.576629.49007@onceler.kciLink.com>
next in thread | raw e-mail | index | archive | help
Earlier this week, the rcmd (rshd/rlogin) service was turned off by default for new installs, and if you let mergemaster update your config to the current "recommended" settings. I think this is premature. From where I sit, at least one more thing needs to be updated to allow using ssh before rcmd can be turned off. That is rmt. As it stands, new installs by default will not be able to do remote dumps properly until rshd is enabled in both inetd.conf and pam.conf. If rmt supported ssh as a transport (apparently OpenBSD's version does), then it would make sense to turn off rshd totally. I understand that the default config is just that, but there should be some consideration as to it being sensible. For myself, I protect rshd using tcpwrappers, so I'm not too worried about it for doing the dumps. -- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Vivek Khera, Ph.D. Khera Communications, Inc. Internet: khera@kciLink.com Rockville, MD +1-301-545-6996 GPG & MIME spoken here http://www.khera.org/~vivek/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?14823.28544.576629.49007>