Stupid sysadmin question

Jerry Feldman gaf-mNDKBlG2WHs at public.gmane.org
Thu Nov 5 09:27:35 EST 2009


I would agree with you. To put this into context, the guy who wants this
feature is a PHD financial engineer who also likes to try to read and
understand C++ and Python code.

As I mentioned, the reason I was having trouble is that rsh/rexec/rlogin
were not installed. I did install them on one server. Now, when I run
exceed (eg xstart) it pops up a dialog box with "Where are you".
Note that I do have these configured into xinetd on that system.
Basically, what I want to do now is twofold:
First, get this working just as an exercise before I deinstall them.
Secondly find out if I can get the SSH upgrade installed on his system
(I have to contact our IT guys in NY, but if they have it, they will
install it).

It is also a political problem since we have a lab up in Toronto where
they have both Solaris and Linux set up with rsh, rlogin, rexec. But,
for anyone to get access to those systems they have to connect through
Citrix. Here, anyone who can sneak into our office or into the computer
room can access our VPN. So, I have to convince them that rsh is a bad
thing.

On 11/05/2009 08:16 AM, Bill Ricker wrote:
>
>
> On Wed, Nov 4, 2009 at 3:01 PM, Jerry Feldman <gaf-mNDKBlG2WHs at public.gmane.org
> <mailto:gaf-mNDKBlG2WHs at public.gmane.org>> wrote:
>
>     Some of my users want to be able to access our servers directly fro=
m
>     Exceed. I'm not overly concerned about security since we are
>     locked down
>     under a VPN. I need Exceed to be able to use ssh, but it looks
>     like the
>     options are to use either rsh or rexec.
>
>
> Ssh is an add-on option from eXceed. Worked nice for us back when, but
> I'm mostly using PuTTY at $dayjob these days, don't need much X based
> apps.
>
> rsh and rexec must die. rsh and rexec should be scary even if THESE
> users are VPN tunneled, as then you have to be very careful to prevent
> rsh+ from accepting connxns from non-VPN. ever. easiest is uninstall ..=
=2E
>


--=20
Jerry Feldman <gaf-mNDKBlG2WHs at public.gmane.org>
Boston Linux and Unix
PGP key id: 537C5846
PGP Key fingerprint: 3D1B 8377 A3C0 A5F2 ECBB  CA3B 4607 4319 537C 5846







More information about the Discuss mailing list