[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: rlogind and rexecd go away? [CVS: cvs.openbsd.org: src]

To: Stephen Marley <stephen@openkast.com>
Subject: Re: rlogind and rexecd go away? [CVS: cvs.openbsd.org: src]
From: Chuck Yerkes <chuck@snew.com>
Date: Wed, 8 May 2002 16:35:02 -0700
Cc: "'tech@openbsd.org'" <tech@openbsd.org>
Content-Disposition: inline
References: <B3CF4D2DF451D411B27300D0B77E6A700DF186@vorlich.openkast.com>
User-Agent: Mutt/1.2.5i

  ln -s ssh /usr/bin/rsh

For the last 10 years, dumps I've done have either used
kerberized rsh or ssh or a physically separate "pocket network"
(eg. 12 hosts wired on a spare NIC to the machine with the jukebox
because the dumps were killing the main network).
A neat way to steal data from secure machines is just to sniff
the dumps going across the network.

rsh is bad, mm'kay?

Quoting Stephen Marley (stephen@openkast.com):
> Todd C. Miller [mailto:Todd.Miller@courtesan.com] writes:
> > In message <Pine.BSO.4.43.0205071438190.17900-100000@arx.rog.eu.tc>
> > 	so spake Thorsten Glaser (tygs):
> > 
> > > The servers go away, the clients stay.
> > 
> > No, the clients are gone too I'm afraid.
> > 
> >  - todd
> 
> Are we going to lose the ability to dump/restore remotely using rmt?
> According to rmt(8), rmt is started with an rexec or rcmd call.

References:
- Re: rlogind and rexecd go away? [CVS: cvs.openbsd.org: src]
  - From: Stephen Marley <stephen@openkast.com>

Prev by Date: Re: rlogind and rexecd go away? [CVS: cvs.openbsd.org: src]
Next by Date: Re: rlogind and rexecd go away? [CVS: cvs.openbsd.org: src]
Prev by thread: Re: rlogind and rexecd go away? [CVS: cvs.openbsd.org: src]
Next by thread: Re: rlogind and rexecd go away? [CVS: cvs.openbsd.org: src]
Index(es):
- Date
- Thread