• Part I
  • sun managers I
• Part D
  • sun managers D
• Part L
  • sun managers L
• Part H
  • sun managers H
• Part B
  • sun managers B
• Part E
  • sun managers E
• Part J
  • sun managers J
• Part F
  • sun managers F
• Part C
  • sun managers C
• Part K
  • sun managers K

How to enforce offical-host-name for rsh/rlogin?

Thorburn-Gundlach<dtg@cae091.ed.ray.com> which

answered my question. Problem resolved. The

original question and the answer from David is

forwarded as follows:

attached mail follows:

Kerr --

Kerr Tung wrote:

>

> Hi all,

Hi there!

>

> How do I make a host's official-host-name, i.e.

> abc.def.com be recognized by rsh/rlogin, not the

> nickname abc?

That FQDN must be the first thing that a name lookup will see.

>

> I checked the hostname abc with "nslookup abc" and

> "ypcat hosts |grep abc" and didn't find anything

> different for this host from the other hosts

> defined -- it is defined with both abc.def.com and

Which is first on the line, though?

> abc. However, when I use rsh/rlogin to this

> machine, only the nick name is accepted. I hate to

> add "abc" in the /etc/hosts.equiv or .rhosts to

Yeah; that's not such a good idea.

> just make it work, reasoning that may impose a

> bigger security hole than just having the official

> host name abc.def.com.

You didn't mention your OS, but you mentioned running under YP... If

you're running Solaris, it's fairly easy, though it will completely go

around your YP hosts map (so why bother keeping it up?); mind you, *all*

programs will see DNS first. Just modify /etc/nsswitch.conf to ensure

that "dns" comes before "nis" on the "hosts:" line.

You could also turn your YP hosts map inside out. You probably have

something like this at the moment:

        111.222.333.444 abc abc.def.com

If you want rsh to recognize the remote machine as abc.def.com instead

of abc, you need to have your entries look like

        111.222.333.444 abc.def.com abc

Both of these are because in.rshd/in.telnetd/etcetc all get an IP

address and have to see what host name *the*local*machine* thinks it is;

it make a call (probably gethostbyaddr, but I'm not enough of a

programmer to know) to its name service(s) to find out what the right

value is, and returns the FIRST thing it finds.

>

> How should I fix this? No flame for using .rhosts

> and hosts.equiv, please.

Hey; I'm with ya ;-)

>

> Thanks,

> Kerr

:-D

--
David Thorburn-Gundlach
dtg@cae091.ed.ray.com,david@bae.uga.edu
Raytheon 508/440-2016 or 508/440-2317

Comments

"sun managers M [Part M]" Sponsored Links

• "sun managers M [Part M]" New Questiones!

  • How to enforce offical-host-name for rsh/rlogin -- Repost
  • How to determine which package has a specific library?
  • how to create a file system across two disk
  • How to compile GCC
  • How to print on HP laserjet 4 + without PS card ?
  • How send output on XWindow ewmulator
  • How many cpu´s ?
  • How does "shutdown" in Solaris 2.6 notify users of impending shutdown?
  • How does "shutdown" in Solaris 2.6 notify users of impending shutdown?
  • How do you use an ISDN line on sparc 10?
  • How do I choice a hostid ?
  • How can I watch the progress of a file being read?
  • hot or not: GOglobal ?
  • Hosts not found.
  • hostname's and shell/command tools
  • hostname.le0 disappears from jumpstart
  • hostid changed after new installation
  • Host-based packet filtering
  • Host access list for connection via IP port 25 (SMTP)
  • hme0 Oerrs

Copyright © 2008 thatsjava.com • All rights reserved • CMS Theme by WebmasterFund.com - 0.156