Problems with remote bru on PI's
Vernon Schryver
vjs at rhyolite.wpd.sgi.com
Fri Aug 25 05:15:35 AEST 1989
In article <8908232207.AA26042 at dasys1.UUCP>, rpaul at dasys1.UUCP (Rod Paul) writes:
> Remove the passwd field in the guest account on the remote machine.
> SGI is aware of the problem (not to say the security risk). I suggest
> not going this route if you have a modem on the remote machine.
A "system password" for lines with modems seems like a good idea. As long
as the system password is strong enough, one needn't worry about passwords
on other accounts. (The cryptographic strength of two passwords is not
significantly better than one.)
Not having a system password makes user names like "diag", "setup", and
"root" worrisome, if you have any incoming modems.
Everyone no doubt recalls that a "system password" can be specified
with /etc/d_passwd and /etc/dialups.
Vernon Schryver
Silicon Graphics
vjs at sgi.com
More information about the Comp.sys.sgi
mailing list