Red Hat Bugzilla – Bug 16170
RFE: enable REMOTEHOST (pam_env)
Last modified: 2008-05-01 11:37:57 EDT
It would be nice to see the REMOTEHOST Variable enabled per default (ie. to
see what computer you're coming from):
- uncomment REMOTEHOST in /etc/security/pam_env.conf
auth required /lib/security/pam_env.so
to /etc/pam.d/login, /etc/pam.d/rlogin and /etc/pam.d/rsh
auth required /lib/security/pam_nologin.so
Reclassifying to the rsh package, which owns in.rshd and in.rlogind's PAM
The /lib/security/pam_env.so has been since RH 7.1, only the REMOTEHOST entry in
/etc/security/pam_env.conf is still missing.
I'll discuss possisble security issues with the folks here and if it is
considered to be safe i'll include it in pam as well. If not i'll let you know
Read ya, Phil
I now tried to make PAM_RUSER and PAM_RHOST actually work, but didn't get it
right (PAM_RHOST works for rlogin but not for rsh, PAM_RUSER never seems to
Looking at the r*d code I'd say it can't work ...
Therefore I didn't use PAM to set these variables but did set it in rshd and
See #42880 . Maybe that's the proper solution (I asked on the beta list, but
there was no answer).
I've spent some time looking at the problem you described and it is actually the
same as described in #42880, and from what i've seen this is really the only
possible and proper solution, so i'll include the patch resp. a less buffer
overflow prone on in one of the next rsh packages.
Read ya, Phil
*** This bug has been marked as a duplicate of 42880 ***