[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: inetd.conf.changes
Peter Ehlin <pelin@voxi.se> writes:
> So, what should be in my /etc/inetd.conf if I want to have something
> like the old ekshell (encryption and authetication) and disallow the
> unencrypted rsh variants?
You can't really do this as it is now. The following (untested) patch
should disable non-encrypted V5 rsh sessions, if rshd is passed the -x
option, so if you have -k -x on both ports, you will get the desired
result, but probably because the v4 rsh:s will be royally confused by
the encrypted response.
We should fix this in a better way.
/Johan
--- rshd.c 2000/07/02 15:50:21 1.33
+++ rshd.c 2000/09/12 13:50:26
@ -363,6 +363,8 @
do_encrypt = 1;
memmove (cmd, cmd + 3, strlen(cmd) - 2);
} else {
+ if(do_encrypt)
+ fatal (s, "Encryption required");
do_encrypt = 0;
}