[1858] in testers
Re: rsh -x
daemon@ATHENA.MIT.EDU (daemon@ATHENA.MIT.EDU)
Mon Aug 12 16:53:42 1991
Date: Mon, 12 Aug 91 16:53:40 -0400
From: tytso@ATHENA.MIT.EDU (Theodore Ts'o)
To: "Richard Basch" <basch@MIT.EDU>
Cc: "Mark W. Eichin" <eichin@MIT.EDU>, testers@MIT.EDU, network@ATHENA.MIT.EDU
In-Reply-To: Richard Basch's message of Sun, 11 Aug 91 04:08:20 EDT,
Reply-To: tytso@athena.mit.edu
Yet Another Surprising change which happened because Kerberos
compatibility was turned off:
.klogin files of the form:
USER=tytso INSTANCE=root
USER=eichin INSTANCE=root
... no longer work.
This causes problems because if you try to do an encrypted rlogin to a
host which you think you have access to, but you don't, rlogin gives you
the clever error message:
rcmd: bad connection with remote host
rlogin: Kerberos rcmd failed: rcmd protocol failure.
... instead of prompting for a password.
This is a fairly serious change, since there are probably people (like
myself) who have had the same old-style .klogin file for ages, and never
changed it. At the very least this should be documented in the release
notes, and I would argue for re-enabling the code to use the old format
.klogin.
Maybe we could justify turning off the old code if the release process
ran a script which ran over /.klogin (and possibly every user's home
directory as well!) and updated the old-style .klogin files to the new
format. I would probably wait an extra release cycle just to make sure,
though, since putting in the compatibility code has a fairly trivial
cost.
- Ted
