Secure TTY on a 3B2
Lyndon Nerenberg
lyndon at cs.athabascau.ca
Sat Oct 6 03:38:44 AEST 1990
jkg at prism.gatech.EDU (Jim Greenlee) writes:
>Can anybody tell me how to define a tty port as being "secure" on a
>3B2/310? We're running SVR 3.2 and WIN TCP/IP 3.0.1. We recently upgraded
>from SVR 3.0 and WIN TCP/IP 1.1, which permitted rlogin or telnet as root.
>I can't see any way to do this with the current version of the software.
It's hard wired into the login program! There is a #define in the source
that turns it on and off.
I wanted to disable this, so I recompiled /bin/login and tryed to rlogin
as root. Much to my disgust, I discover that telnet and rlogin do not use
/bin/login, nut rather use /usr/etc/netlogin. Of course we don't have source
for the latter. Running emacs on the netlogin binary shows it to be the
BSD login command, with the usual WIN breakage thrown in.
If you have source, I highly recommend you replace telnetd, rlogind, and
/bin/login with the BSD versions. Beware that ruserok() in libnet.a is
broken (as is rresvport()), so you'll want to link in replacement versions
from BSD as well.
--
Lyndon Nerenberg VE6BBM / Computing Services / Athabasca University
{alberta,cbmvax,mips}!atha!lyndon || lyndon at cs.athabascau.ca
The only thing open about OSF is their mouth. --Chuck Musciano
More information about the Comp.sys.att
mailing list