| Variety Is the Spice of Life
Unix students ask me, “If rlogin is not good and we should only be using ssh, then why is it still supported? Why are we learning about it?” My answer is always to tell them that with everything good, there is bad, and vice versa. That's why you have variety. rlogin can also perform well. Here is an example. I have mentioned using ssh as a way to encrypt your remote access session, but that would only protect data in transit from being intercepted and read. If password sniffing, a common attack, took place, your data would be intercepted and your credentials exposed. One way to protect yourself from this exploit is to not type your password. The program rlogin can be configured to not require your password. If you know ahead of time that you'll be using your account from a given computer, you can create a file named .rhosts. Create and edit the file, and put a line in it with the name of the remote computer you'll be using. If you then rlogin from a computer listed in the .rhosts file, you won't be asked for your password. In effect, the computer will trust the other computer for your account if you list it in your .rhosts. This is in itself a form of security, but it won't protect you from getting your credentials snatched by someone sniffing the network. There are also some security risks associated with the use of a .rhosts file. If the remote computer gets broken into, the attacker might see this file and realize that she can now use that account to get into other systems. This could expose the remote systems. However, if you have a good Unix administrator who knows all of these dangers and how to assess which risks matter most, then your system will be safe. |
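A check an administrator could run on a .rhosts file as part of the risk assessment mentioned above; this is an added example, not part of the original text. It goes beyond the sidebar by also flagging the `+` wildcard and `+@netgroup` entries of the .rhosts format and loose file permissions; the function name `audit_rhosts`, the host names, and treating `#` lines as comments are assumptions.

```sh
#!/bin/sh
# Added example: audit a .rhosts file for entries that widen trust.
# Each entry is "host [user]"; a "+" in either field is a wildcard.

audit_rhosts() {
    file=$1
    findings=0
    lineno=0

    # A file that group or others can write lets someone else add trusted hosts.
    if [ -n "$(find "$file" \( -perm -020 -o -perm -002 \))" ]; then
        echo "$file: writable by group or others"
        findings=$((findings + 1))
    fi

    while read -r host user rest || [ -n "$host" ]; do
        lineno=$((lineno + 1))
        case $host in
            ''|'#'*) continue ;;   # blank line, or '#' line (assumed comment)
        esac
        case $host in
            +)   echo "$file:$lineno: host '+' trusts every host"
                 findings=$((findings + 1)) ;;
            +@*) echo "$file:$lineno: host field trusts netgroup ${host#+@}"
                 findings=$((findings + 1)) ;;
        esac
        case $user in
            +)   echo "$file:$lineno: user '+' trusts any remote user"
                 findings=$((findings + 1)) ;;
            +@*) echo "$file:$lineno: user field trusts netgroup ${user#+@}"
                 findings=$((findings + 1)) ;;
        esac
    done < "$file"

    [ "$findings" -eq 0 ]   # exit status 0 only when nothing was flagged
}

# Constructed sample (made-up host names) so the example runs offline.
sample=$(mktemp)
printf '%s\n' 'build01.example.com' 'lab7.example.com alice' '+ +' > "$sample"
audit_rhosts "$sample" || echo "review $sample before relying on it"
rm -f "$sample"
```

The function prints one line per finding and returns a non-zero status when anything was flagged, so it can gate a cron job or a login-host audit.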