[prev in list] [next in list] [prev in thread] [next in thread] 

List:       secure-shell
Subject:    Re: Problem I am having with ssh
From:       "Ong Guan Sin" <cceonggs () leonis ! nus ! sg>
Date:       1995-12-20 11:33:43
[Download RAW message or body]

-----BEGIN PGP SIGNED MESSAGE-----

> Right now, I am using root /.rhosts files with rsh to do some automated system
> administration tasks.  I would like these to be run over ssh, without having
> to keep the /.rhosts files around.  Right now, if the local machine isn't in
> the remote's machine /.rhosts, it will ask me for a password.  This obviously
> won't work on an automated basis.  If I put the local machine in the remote's
> .rhosts file, it will then function as desired.

I think you can use .shosts instead of .rhosts to overcome your problem. 
This is what the ssh man page says:

     $HOME/.rhosts
          This file is used in .rhosts authentication to list the host/user
          pairs that are permitted to log in.  (Note that this file is also
          used by rlogin and rsh, which makes using this file insecure.) Each
          line of the file contains a host name (in the canonical form
          returned by name servers), and then a user name on that host,
          separated by a space.  One some machines this file may need to be
          world-readable if the user's home directory is on a NFS partition,
          because sshd reads it as root.  Additionally, this file must be
          owned by the user, and must not have write permissions for anyone
          else.  The recommended permission for most machines is read/write
          for the user, and not accessible by others.

          Note that by default sshd will be installed so that it requires
          successful RSA host authentication before permitting .rhosts
          authentication.  If your server machine does not have the client's
          host key in /etc/ssh_known_hosts, you can store it in
          $HOME/.ssh/known_hosts.  The easiest way to do this is to connect
          back to the client from the server machine using ssh; this will
          automatically add the host key in $HOME/.ssh/known_hosts.

     $HOME/.shosts
          This file is used exactly the same way as .rhosts.  The purpose for
          having this file is to be able to use rhosts authentication with
          ssh without permitting login with rlogin or rsh.


Regards,

GS

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i
Comment: Go for PGP!

iQCVAwUBMNeEBeM1L92l84PBAQEC5AQAuuFainBtAG+aeetuoACjfbCu+NUe4Oin
mSL88UfHC53VyZu3vR38/aeFCu5D/lOI8tMeyYF9gukunzyFdwHHbSz/0TrDw4xr
GwJNE1rDCrItU5uYZzd7R2k5lVjO9FY4ezxRnw8SB3qy1L1+EXhTdvhe52/aFP4l
BGuoShpEOVY=
=n4Bc
-----END PGP SIGNATURE-----

[prev in list] [next in list] [prev in thread] [next in thread]