[prev in list] [next in list] [prev in thread] [next in thread]
List: secure-shell
Subject: Re: Problem I am having with ssh
From: "Ong Guan Sin" <cceonggs () leonis ! nus ! sg>
Date: 1995-12-20 11:33:43
[Download RAW message or body]
-----BEGIN PGP SIGNED MESSAGE-----
> Right now, I am using root /.rhosts files with rsh to do some automated system
> administration tasks. I would like these to be run over ssh, without having
> to keep the /.rhosts files around. Right now, if the local machine isn't in
> the remote's machine /.rhosts, it will ask me for a password. This obviously
> won't work on an automated basis. If I put the local machine in the remote's
> .rhosts file, it will then function as desired.
I think you can use .shosts instead of .rhosts to overcome your problem.
This is what the ssh man page says:
$HOME/.rhosts
This file is used in .rhosts authentication to list the host/user
pairs that are permitted to log in. (Note that this file is also
used by rlogin and rsh, which makes using this file insecure.) Each
line of the file contains a host name (in the canonical form
returned by name servers), and then a user name on that host,
separated by a space. One some machines this file may need to be
world-readable if the user's home directory is on a NFS partition,
because sshd reads it as root. Additionally, this file must be
owned by the user, and must not have write permissions for anyone
else. The recommended permission for most machines is read/write
for the user, and not accessible by others.
Note that by default sshd will be installed so that it requires
successful RSA host authentication before permitting .rhosts
authentication. If your server machine does not have the client's
host key in /etc/ssh_known_hosts, you can store it in
$HOME/.ssh/known_hosts. The easiest way to do this is to connect
back to the client from the server machine using ssh; this will
automatically add the host key in $HOME/.ssh/known_hosts.
$HOME/.shosts
This file is used exactly the same way as .rhosts. The purpose for
having this file is to be able to use rhosts authentication with
ssh without permitting login with rlogin or rsh.
Regards,
GS
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i
Comment: Go for PGP!
iQCVAwUBMNeEBeM1L92l84PBAQEC5AQAuuFainBtAG+aeetuoACjfbCu+NUe4Oin
mSL88UfHC53VyZu3vR38/aeFCu5D/lOI8tMeyYF9gukunzyFdwHHbSz/0TrDw4xr
GwJNE1rDCrItU5uYZzd7R2k5lVjO9FY4ezxRnw8SB3qy1L1+EXhTdvhe52/aFP4l
BGuoShpEOVY=
=n4Bc
-----END PGP SIGNATURE-----
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic