How to Prevent Unauthorized Access From Remote Systems With PAM (System Administration Guide, Volume 2)

System Administration Guide, Volume 2

Previous: How to Add a PAM Module
Next: How to Initiate PAM Error Reporting

How to Prevent Unauthorized Access From Remote Systems With PAM

Remove the rlogin auth rhosts_auth.so.1 entry from the PAM configuration file. This prevents reading the ~/.rhosts files during an rlogin session and therefore prevents unauthenticated access to the local system from remote systems. All rlogin access requires a password, regardless of the presence or contents of any ~/.rhosts or /etc/hosts.equiv files.

Note -

To prevent other unauthenticated access to the ~/.rhosts files, remember to disable the rsh service. The best way to disable a service is to remove the service entry from /etc/inetd.conf. Changing the PAM configuration file does not prevent the service from being started.

Previous: How to Add a PAM Module
Next: How to Initiate PAM Error Reporting