Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

OpenSSH with RLOGIN=false

124 views
Skip to first unread message

Dave

unread,
Mar 6, 2008, 1:48:34 PM3/6/08
to
Is there an alternative way for the user still able to use SSH to
login to AIX with RLOGIN=false?
Also for the user able to use SFTP with RLOGIN=false?

Henry

unread,
Mar 6, 2008, 9:12:38 PM3/6/08
to

what are you wanting to achieve ?
Good idea having rlogin=false but it does restrict access "a bit"

Dave

unread,
Mar 7, 2008, 11:36:56 AM3/7/08
to

I am trying to help with the SFTP from MainFrame to AIX.
I thought the newer version of OpenSSH (4.3.x) is able to allow the
user use SSH clinet with RLOGIN=false.

Bob Dobbs

unread,
Mar 9, 2008, 9:50:19 AM3/9/08
to

If I'm understanding the question correctly, and from my experiences
with ssh on AIX to date, ssh access and inetd services access (such as
login, rlogin, rsh, etc...) are 2 different things. ssh access is
controlled by /path/to/sshd_config (ssh server config) and
/path/to/ssh_config (client access config). So, "rlogin=false" should
not have anything to do with sftp, scp, ssh operations.

To see what "inetd" services are active (and this is specific to AIX,
not ssh) run lssrc -ls inetd (or see what is uncommented in
/etc/inetd.conf). To see whether a user can login (console), rlogin
(remote access via telnet), lsuser -a login rlogin username

Hope that helps...

Pete
p.s. Don't forget to "refresh -s inetd" if any services are changed or
stopsrc -s sshd && startsrc -s sshd to refresh sshd if any of its
configuration has been changed...P

Henry

unread,
Mar 9, 2008, 3:41:21 PM3/9/08
to

hmm... ok, I'm perhaps mistaken, because what you're saying makes a
lot of sense.

0 new messages