[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

C2 security option

To: slug@ai.sri.com
Subject: C2 security option
From: deiss@informatik.uni-kl.de
Date: Wed, 2 Dec 1992 09:03:53 -0500
Cc: deiss@informatik.uni-kl.de
Sender: deiss@informatik.uni-kl.de

Hi Folks,

Perhaps somebody can help me in the following situation:

We have one Symbolics US1200S Board (genera 8.0.2) embedded in a sparcserver
(sunos 4.1.1).
All went fine, but then the administrator of our suns decided to install the
C2-security option of sun.
Now It is no longer possible to log in to the sun or to read files of the sun
via nfs from the UX1200S.
The error messages are:

loging in as myself:
  Invalid password for user name "deiss" on host EUKLID
loging in as root:
  No UNIX passwd information found for user name "root" on host EUKLID
(EUKLID is the sparcserver, and yp-server)

But it is possible to access the file system of other sparcs (e.g. host  alpha)
in the same  domain via ftp.

The problem with this C2 option seems to be, that the password information is
taken out of the usual password files and is hidden in other files which are
only readable by root.

Has anybody else encountered the same situation or has an idea how to tell the
Ivory board to look up the password information of the sparc correctly?

The Namespace entries of the hosts alpha, euklid and thales:

SITE THEORIE1
USER-PROPERTY YP-DOMAIN-SERVER euklid
USER-PROPERTY YP-DOMAIN-NAME SFB314D4
'unrelated? stuff deleted'

HOST THALES
USER-PROPERTY EMBEDDED-IN euklid
USER-PROPERTY YP-DOMAIN-NAME SFB314D4
USER-PROPERTY YP-DOMAIN-SERVER euklid
SERVICE CHAOS-STATUS CHAOS-SIMPLE CHAOS-STATUS
SERVICE CONFIGURATION TCP CONFIGURATION
SERVICE CONFIGURATION CHAOS CONFIGURATION
SERVICE FILE CHAOS NFILE
SERVICE FILE TCP TCP-FTP
SERVICE FILE TCP NFILE
SERVICE FILE CHAOS QFILE
SERVICE LISPM-FINGER CHAOS-SIMPLE LISPM-FINGER
SERVICE LOGIN TCP 3600-LOGIN
SERVICE LOGIN CHAOS 3600-LOGIN
SERVICE LOGIN CHAOS SUPDUP
SERVICE LOGIN CHAOS TELNET
SERVICE LOGIN TCP TELNET
SERVICE NAMESPACE TCP NAMESPACE
SERVICE NAMESPACE CHAOS NAMESPACE
SERVICE NAMESPACE-TIMESTAMP UDP NAMESPACE-TIMESTAMP
SERVICE NAMESPACE-TIMESTAMP CHAOS-SIMPLE NAMESPACE-TIMESTAMP
SERVICE NOTIFY UDP NOTIFY
SERVICE NOTIFY CHAOS-SIMPLE NOTIFY
SERVICE SEND CHAOS CONVERSE
SERVICE SEND TCP SMTP
SERVICE SEND CHAOS SEND
SERVICE SHOW-USERS CHAOS NAME
SERVICE SHOW-USERS TCP ASCII-NAME
SERVICE TIME CHAOS-SIMPLE TIME-SIMPLE
SERVICE TIME UDP TIME-SIMPLE-MSB
SERVICE TIME TCP TIME-MSB
SERVICE UPTIME CHAOS-SIMPLE UPTIME-SIMPLE
ADDRESS INTERNET 131.246.16.9 
ADDRESS CHAOS 10005 
SYSTEM-TYPE LISPM
MACHINE-TYPE UX1200S
SITE THEORIE1

HOST EUKLID
USER-PROPERTY YP-DOMAIN-NAME SFB314D4
USER-PROPERTY YP-DOMAIN-SERVER euklid
USER-PROPERTY RPC-PASSWD-FILE /etc/yp/security/passwd.adjunct
USER-PROPERTY RPC-USE-FILE nil
SERVICE FILE UDP NFS
SERVICE FILE TCP TCP-FTP
SERVICE HARDCOPY TCP UNIX-LPD
SERVICE LOGIN TCP TELNET
SERVICE MAIL-TO-USER TCP SMTP
SERVICE PRINTER-CONTROL TCP UNIX-LPD
SERVICE PRINTER-QUEUE-CONTROL TCP UNIX-LPD
SERVICE RPC TCP RPC
SERVICE RPC UDP UDP-RPC
SERVICE RPC TCP TCP-RPC
SERVICE SEND TCP SMTP
SERVICE TAPE TCP UNIX-REXEC
SERVICE TIME UDP TIME-SIMPLE-MSB
SERVICE UNIX-REXEC TCP UNIX-REXEC
SERVICE X-WINDOW-SYSTEM TCP X-WINDOW-SYSTEM
PRETTY-NAME euklid
ADDRESS INTERNET 131.246.16.8 
SYSTEM-TYPE UNIX42
MACHINE-TYPE SUN
SITE THEORIE1

HOST ALPHA
USER-PROPERTY YP-DOMAIN-NAME SFB314D4
USER-PROPERTY YP-DOMAIN-SERVER euklid
SERVICE FILE TCP TCP-FTP
SERVICE LOGIN TCP TELNET
SERVICE MAIL-TO-USER TCP SMTP
SERVICE RPC TCP RPC
SERVICE RPC UDP UDP-RPC
SERVICE RPC TCP TCP-RPC
SERVICE SEND TCP SMTP
SERVICE TIME UDP TIME-SIMPLE-MSB
SERVICE UNIX-REXEC TCP UNIX-REXEC
SERVICE X-WINDOW-SYSTEM TCP X-WINDOW-SYSTEM
PRETTY-NAME alpha
ADDRESS INTERNET 131.246.16.10 
SYSTEM-TYPE UNIX42
MACHINE-TYPE SUN
NICKNAME ALPHA
SITE THEORIE1

Any help would be greatly appreciated

Thomas Deiss

Follow-Ups:
- C2 security option
  - From: <@IU.AI.SRI.COM:slug-admin@iu.ai.sri.com>

Prev by Date: Re: C++ reference?
Next by Date: C2 security option
Previous by thread: Expert System Shell License-Free For Teaching Purposes
Next by thread: C2 security option
Index(es):
- Date
- Thread