Your network isn't fully switched?
On the other hand, if I really had to do something like this, I would set up hosts.equiv to not require the password from a secure account on the administrative host. I would still rather not do it at all though. I'm generally uncomfortable with rsh-ing administrative commands.
Mike Sphar wrote:
Your network isn't fully switched?
I'm told by my networking people that there are a number of attacks that can be made against switches, including one that causes the switch to begin broadcasting all data to all ports, as if it were a hub. We *never* send root passwords over the net, not even via ssh. We use one-time, non-replayable, challenge/response keys instead.
Yes, hosts.equiv works but I abhor having to do anything in clear text.
-ste
-
Mike Sphar -
Shaun T. Erickson