rsh : Permission denied

Nalin Dahyabhai nalin at redhat.com
Fri Apr 22 18:49:24 UTC 2005


On Fri, Apr 22, 2005 at 05:02:55PM +0200, Vincent Arnoux wrote:
> I am trying to set up on a Fedora Core 3 pc the rsh server... and
> failing for the moment.
> I have the following message in /var/messages :
> Apr 20 14:21:26 asma001 pam_rhosts_auth[8950]: denied to
> vincent at 10.159.227.24 as varnoux: access not allowed
> Apr 20 14:21:26 asma001 in.rshd[8950]: rsh denied to
> vincent at 10.159.227.24 as varnoux: Permission denied.
> 
> What I don't understand is that I changed all authorization files I
> found involved in rsh permissions. This system is on an intranet, so I
> can desactivate any security I want, but rsh server MUST work.
[snip]
> [root at asma001 varnoux]# cat /etc/hosts.equiv
> +
> [root at asma001 varnoux]# cat .rhosts
> + +

Ah, you need to add "promiscuous" to the set of options which you're
passing to the pam_rhosts_auth.so module in /etc/pam.d/rsh.  The module
deviates from the historic behavior by NOT treating "+" as a wildcard
unless this option is given. [1]

Note that if you run "rsh" without any arguments, it invokes "rlogin",
so you may want to modify the PAM configuration for rlogind similarly.

HTH,

Nalin

[1] See the Linux-PAM System Administrator's Guide, in various formats
    under /usr/share/doc/pam-*, for more info.




More information about the fedora-list mailing list