Content deleted Content added
→Authentication: converting to {{code|...}} |
|||
Line 46:
|}
The original Berkeley package that provides rlogin also features rcp (remote-copy, allowing files to be copied over the network) and [[Remote Shell|rsh]] (remote-shell, allowing commands to be run on a remote machine without the user logging into it). These share the hosts.equiv and {{code|.rhosts}} access-control scheme (although they connect to a different daemon, rshd).▼
▲The original Berkeley package that provides rlogin also features rcp (remote-copy, allowing files to be copied over the network) and [[Remote Shell|rsh]] (remote-shell, allowing commands to be run on a remote machine without the user logging into it). These share the hosts.equiv and .rhosts access-control scheme (although they connect to a different daemon, rshd).
==Commands==
Line 86 ⟶ 84:
* All information, including passwords, is transmitted unencrypted (making it vulnerable to interception).
* The {{code|.rlogin}} (or {{code|.rhosts}}) file is easy to misuse. They are designed to allow logins without a [[password]], but their reliance on remote usernames, hostnames, and IP addresses is exploitable. For this reason many corporate system administrators prohibit {{code|.rhosts}} files, and actively scrutinize their networks for offenders.
* The protocol partly relies on the remote party's {{code|rlogin}} client to provide information honestly, including source port and source host name. A
* The common practice of mounting users' home directories via [[Network File System]] exposes rlogin to attack by means of fake {{code|.rhosts}} files - this means that any of its security faults automatically plague {{code|rlogin}}.
Due to these problems, the r-commands fell into relative disuse (with many Unix and [[Linux]] distributions no longer including them by default). Many networks that formerly relied on {{code|rlogin}} and {{code|telnet}} have replaced them with [[Secure shell|SSH]] and its {{code|rlogin}}-equivalent
==See also==
| |||