Re: rsh equivalent


William E. Sommerfeld (wesommer@athena.mit.edu)
11 Mar 88 00:53:14 GMT


In article <In article <102@icarus.kulcs.uucp> In article <102@icarus.kulcs.uucp> dannyb@kulcs.UUCP (Danny Backx) writes:
>If you need better authentication than BSD's r*, I think this may do :
>the rex-system uses the same "UNIX-style authentication" that the entire RPC
>package uses.

Have you actually looked at what `UNIX style authentication' is for
Sun RPC?

The client puts its hostname, userid and group set in the packet; the
server is expected to take the client's word for it, and usually does.

Calling Sun's rex, with UNIX style authentication, ``more secure than
rlogin'' is like calling a Medeco padlock on a paper bag more secure
than a Master padlock on a cardboard box.

Sun may have a `secured RPC' version of `rex' in release 4.0 which
would be more secure than rlogin/rsh, although not quite as secure as
a modified rsh using Kerberos (the MIT/Athena authentication system).

                                        Bill Sommerfeld
                                        MIT Project Athena.



This archive was generated by hypermail 2.0b3 on Thu Mar 09 2000 - 14:41:31 GMT