The line "Remote: Rhosts/hosts.equiv authentication refused:
client user 'kalt', server user 'kalt', client host
'millennium.stealth.net'." only appears when the account
exists. (need to run in verbose mode)
This might not the case if the remote sshd doesn't allow
this particular kind of authentication. I didn't check for
other schemes.
On Jun 13, David Holland wrote:
| Try 'rsh victimhost -l realuser' and 'rsh victimhost -l nosuchuser'.
| The error reported is different.
|
| Therefore, it's possible to determine which account names are valid.
| This is an issue only for particularly paranoid sites that probably
| already have rshd disabled, but I thought it would be worth issuing a
| warning anyway.