RHEL4 - rsh: permission denied
Thomas Walter
tbw at geo.hunter.cuny.edu
Thu May 4 19:35:38 UTC 2006
Rick,
Ty for your response. Here are more details...
Tom
On Wed, 3 May 2006, Rick Stevens wrote:
> On Wed, 2006-05-03 at 15:36 -0400, Thomas Walter wrote:
> > I'm trying to get rsh set between two machines (local is Solaris 9,
> > remote is RHEL4). I've done it before (I
> > have a "cookbook") but I'm missing something. Please help. I'm aware of
> > the security issues involved using "r" commands.
> >
> > What I've done on remote machine:
> > - in .rhosts I put FQ machine name and user name.
>
> That's in the common user's home directory, right? E.g.
> "~fred/.rhosts" assuming the common user is "fred".
/root/.rhosts on remote machine:
moon.xxx.xxxxxx.xxxx.edu root
>
> > - added "+ FQ machine name user" in /etc/hosts.equiv
>
> That's "+ other-machine-name username", right?
/etc/hosts.equiv on remote machine:
+ moon.xxx.xxxxxx.xxxx.edu root
>
> > - in /etc/xinetd.d/rsh and rexec changed to "disable = no"
> > - added rsh to /etc/securetty
> > - restarted xinetd
> > - no error messages in /etc/log/messages when restarting xinetd.
>
> Uh, when you say "restarted xinetd", did you "service xinetd restart"
> or simply pass it a SIGHUP? I don't always trust "service xinetd
> restart". I'd prefer "service xinetd stop;service xinetd start". I
> know it's pedantic, but I've seen xinetd hang using the restart option.
>
I restarted xinetd via GUI, Applications --> System Settings --> Server
Settings --> Services --> Restart xinetd [xinetd restart successful]
/var/log/messages:
May 4 11:33:13 hypatia xinetd: xinetd shutdown succeeded
May 4 11:33:13 hypatia xinetd: xinetd startup succeeded
May 4 11:33:13 hypatia xinetd[20582]: xinetd Version 2.3.13 started with libwrap loadavg options compiled in.
May 4 11:33:13 hypatia xinetd[20582]: Started working: 2 available services
> > What I've done on local machine:
> > - added remote FQ machine name and same user name to .rhosts
>
> Again, in the common user's .rhosts file, right?
/.rhosts on local machine (Sun Solaris 9)
hypatia.xxx.xxxx.xxx.edu root
> >
> > On local machine the command "rsh machinename w" results in "permission
> > denied"
> >
> > On remote machine command "rsh localhost w" results in "permission denied".
>
> Did you check /var/log/messages or /var/log/secure on the remote system
> to see what errors were spit out?
On local machine (moon) the command "moon{root}:rsh hypatia w" results in
"permission denied"
[root@hypatia ~]# tail /var/log/messages:
May 4 11:38:27 hypatia rshd[20596]: rsh denied to root@moon.xxxx.xxxxxx.xxxx.edu as root: Permission denied.
May 4 11:38:27 hypatia rshd[20596]: rsh command was 'w'
[root@hypatia ~]#
May 4 11:38:27 hypatia xinetd[20582]: START: shell pid=20596 from=1xx.9x.x.3 (this is moon's IP address)
I hope this sheds some light.
Thanks again.
Tom
>
> ----------------------------------------------------------------------
> - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com -
> - VitalStream, Inc. http://www.vitalstream.com -
> - -
> - "Hello. My PID is Inigo Montoya. You `kill -9'-ed my parent -
> - process. Prepare to vi." -
> ----------------------------------------------------------------------
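
A defender-side audit of the two trust files configured in this thread (.rhosts and /etc/hosts.equiv), as an added example that is not part of the original message: it flags "+" wildcards, entries naming remote root, and lines with more fields than the "host [user]" format. The function names, finding strings and sample host names are constructed for illustration.

```python
"""Audit r-command trust files (.rhosts, /etc/hosts.equiv) for risky entries."""

ANY_HOST = "host field is '+': every host is trusted"
ANY_USER = "user field is '+': every remote user is trusted"
NETGROUP = "host field is a netgroup: review its membership"
REMOTE_ROOT = "entry names remote user root"
EXTRA_FIELDS = "more than two fields: expected 'host [user]'"


def audit_trust_line(line):
    """Return the findings for one trust entry (empty list if none)."""
    text = line.strip()
    if not text or text.startswith("#"):
        return []
    fields = text.split()
    host = fields[0]
    user = fields[1] if len(fields) > 1 else None
    findings = []
    if host == "+":
        findings.append(ANY_HOST)
    elif host.startswith("+@"):
        findings.append(NETGROUP)
    if user == "+":
        findings.append(ANY_USER)
    elif user == "root":
        findings.append(REMOTE_ROOT)
    if len(fields) > 2:
        findings.append(EXTRA_FIELDS)
    return findings


def audit_trust_file(content, name):
    """Return (file name, line number, finding) tuples for a file's text."""
    return [(name, num, finding)
            for num, line in enumerate(content.splitlines(), 1)
            for finding in audit_trust_line(line)]


# Constructed samples; host names are placeholders, not taken from the thread.
SAMPLE_RHOSTS = "trusted.example.edu root\n"
SAMPLE_HOSTS_EQUIV = ("# constructed sample\n"
                      "+ trusted.example.edu root\n"
                      "build.example.edu\n")

if __name__ == "__main__":
    for name, num, finding in (audit_trust_file(SAMPLE_RHOSTS, ".rhosts") +
                               audit_trust_file(SAMPLE_HOSTS_EQUIV, "hosts.equiv")):
        print("%s:%d: %s" % (name, num, finding))
```
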