How to Prevent Unauthorized Access From Remote Systems With PAM (System Administration Guide: Security Services)

System Administration Guide: Security Services

Previous: How to Add a PAM Module
Next: How to Initiate PAM Error Reporting

How to Prevent Unauthorized Access From Remote Systems With PAM

Remove the rlogin auth rhosts_auth.so.1 entry from the PAM configuration file. This step prevents the reading of the ~/.rhosts files during an rlogin session. Therefore, this step prevents unauthenticated access to the local system from remote systems. All rlogin access requires a password, regardless of the presence or contents of any ~/.rhosts or /etc/hosts.equiv files.

Note –

To prevent other unauthenticated access to the ~/.rhosts files, remember to disable the rsh service. The best way to disable a service is to remove the service entry from the /etc/inetd.conf file. Changing the PAM configuration file does not prevent the service from being started.

Previous: How to Add a PAM Module
Next: How to Initiate PAM Error Reporting