From: mr kay (mrkhairy_at_yahoo.com)
Date: 26 Oct 2004 18:23:44 -0700
Opps, sorry. Wrong info! Yes, rlogin=true means that user can remotely
login the server using telnet, rsh, rlogin and also ssh.
Second question, yes. Telnet does not provide any protection.
Sorry, I do get slow and foolish when reading emails in the morning!
firstname.lastname@example.org (TC) wrote in message news:<email@example.com>...
> We are using AIX operating system. I found that users are having
> attributes of rlogin = true. Also, we noted that users are connected
> to the host using a terminal emulation software that uses telnet
> connection. We have only 1 host system. Am I correct to say as
> 1. Users having attribute of rlogin = true means that they are able to
> remotely login to the host to perform their duties from their
> terminals without the need to be stationed in the server room where
> the host resides.
> 2. Remote login made via telnet is insecure and has no protection,
> encryption or any means to protect data, logins, passwords or any
> activity conducted from being sniffed by people in control of
> intermediate hosts.
> When I gave the above scenario to the IT expert in our company and
> recommended them to have a SSH connection, below is his comments:
> "When we have successfully logon server A and wish to logon server B
> without terminating the original logon, then we have to use "rlogin".
> We are not using this features in our daily operation because we have
> only one host."
> I'm confused? Does it mean that in a single host situation, remote
> terminals (lets say from different floors of the Company) using the
> telnet session of the terminal emulation software can still access the
> host even if the rlogin = false? If users can still access the host,
> are there any risks involved in this situation?
> Please advice. Thank you.