ftp using .rhosts or rhsts.equiv
barmar at Think.COM
barmar at Think.COM
Wed Dec 13 16:31:37 AEST 1989
In article <DOUGM.89Dec10124339 at queso.ico.isc.com> dougm at ico.isc.com (Doug McCallum) writes:
>Non-UNIX systems don't have the priviledged port mechanism. It would
>be quite simple to spoof the FTP daemon even with the mechanism you
>suggest. It would be much better to add something like the Kerberos
>authentication system and forget the priviledged port business.
The original poster was only looking for a mechanism as secure as rsh,
which uses privileged ports and the hosts.equiv file to implement its
security. If a site is concerned about spoofing, it should only put Unix
systems in its hosts.equiv file. Password-less access would always be
rejected from hosts not in this file; for hosts in the file ("trusted"
hosts), password-less access would be permitted only from privileged ports.
Barry Margolin, Thinking Machines Corp.
barmar at think.com
{uunet,harvard}!think!barmar
More information about the Comp.unix.wizards
mailing list