I am allowing rsh access from a select client list by adding them to .rhosts file which only read permission and this works. Yeah I know this is inherent insecure but it is required for what I am trying to do. Currently inetd.conf has tcpd wrappers which runs in.rshd. Strangely enough putting entries in hosts.allow seems to have no effect. I.E I get in whether I put an entry in for in.rshd or not. I.e .rhosts is sufficient. I notice on a redhat system one seems to have to add it and one has put in rsh into /etc/securetty... Just curious to know.
The manpage for in.rshd seems to confirm what I am seeing It is as though tcp-wrappers is not doing anything...perhaps pam authentication is being used directly? Anyone confirm this for woody systems?
