From: Nicole Skyrca (nskyrca@syr.edu)
Date: Tue Nov 11 2003 - 10:28:34 EST
Hi,
I fixed this problem by putting in an old pam.conf file. Here is the
"authentication management" section
of the pam.conf that works:
# Authentication management
#
login auth requisite pam_authtok_get.so.1
login auth required pam_dhkeys.so.1
login auth required pam_unix_auth.so.1
login auth required pam_dial_auth.so.1
#
rlogin auth required pam_rhosts_auth.so.1
rlogin auth requisite pam_authtok_get.so.1
rlogin auth required pam_dhkeys.so.1
rlogin auth required pam_unix_auth.so.1
#
dtlogin auth requisite pam_authtok_get.so.1
dtlogin auth required pam_dhkeys.so.1
dtlogin auth required pam_unix_auth.so.1
#
rsh auth sufficient pam_rhosts_auth.so.1
rsh auth required pam_unix_auth.so.1
other auth requisite pam_authtok_get.so.1
other auth required pam_dhkeys.so.1
other auth required pam_unix_auth.so.1
Nicole
----------Original Post -----------------------
Hello,
I have a user who is trying to use rsh to execute a command on a remote
machine, but when he does he gets the error "insufficient credentials". The
user has "+ username" in his .rhosts file. The command they are running from
machine A to B is "rsh -l username B ls".
I found something on the web saying that for this to work, the /etc/pam.conf
entries for rsh should be like the following, but when I use these settings,
I
am no longer able to "su" to root. It just says "su: Sorry". I've also tried
using the "pam_unix.so.1" module, but no luck.
rsh auth sufficient /usr/lib/security/$ISA/pam_rhosts_auth.so.1
rsh auth required /usr/lib/security/$ISA/pam_unix_auth.so.1
The local machine (A) is runnig Solaris 8 HW 5/03, and has patch 108993-26.
The remote machine (B) is running Solaris 8 HW 5/03 with patch 108993-22
installed.
The "authentication management" portion of the /etc/pam.conf for machine A
is:
# Authentication management
#
login auth required /usr/lib/security/$ISA/pam_unix.so.1
login auth required /usr/lib/security/$ISA/pam_dial_auth.so.1
#
rlogin auth sufficient /usr/lib/security/$ISA/pam_rhosts_auth.so.1
rlogin auth required /usr/lib/security/$ISA/pam_unix.so.1
#
dtlogin auth required /usr/lib/security/$ISA/pam_unix.so.1
#
rsh auth required /usr/lib/security/$ISA/pam_rhosts_auth.so.1
other auth required /usr/lib/security/$ISA/pam_unix.so.1
The "authentication management" portion of the /etc/pam.conf for machine B
is:
# Authentication management
#
login auth required /usr/lib/security/$ISA/pam_unix.so.1
login auth required /usr/lib/security/$ISA/pam_dial_auth.so.1
#
rlogin auth sufficient /usr/lib/security/$ISA/pam_rhosts_auth.so.1
rlogin auth required /usr/lib/security/$ISA/pam_unix.so.1
#
dtlogin auth required /usr/lib/security/$ISA/pam_unix.so.1
#
rsh auth required /usr/lib/security/$ISA/pam_rhosts_auth.so.1
other auth required /usr/lib/security/$ISA/pam_unix.so.1
How could I fix this problem?
Thanks!
Nicole
Nicole Skyrca
Syracuse University
Computing and Media Services
Machinery Hall
315-443-5310
nskyrca@syr.edu
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:27:27 EDT