HPE Community
Operating System - HP-UX
1758831 Members
3210 Online
108876 Solutions
New Discussion юеВ

As root, can't rlogin from particular server without password

 
SOLVED
Go to solution
G. Vrijhoeven
Honored Contributor

тАО01-08-2004 09:44 AM

тАО01-08-2004 09:44 AM

Re: As root, can't rlogin from particular server without password

Hi,

just a question but do you have NIS configured?
Do you have the same OS levels/patch levels on all servers?

Gideon
0 Kudos
Reply
Jay Core
Frequent Advisor

тАО01-08-2004 09:48 AM

тАО01-08-2004 09:48 AM

Re: As root, can't rlogin from particular server without password

Hi G.,

We do have NIS configured on host7, not host8 or host9. I didn't think this would be an issue?? Also, all 3 servers are at very similar patch levels running 11.0.

Thanks,
Joe
0 Kudos
Reply
G. Vrijhoeven
Honored Contributor

тАО01-08-2004 09:59 AM

тАО01-08-2004 09:59 AM

Re: As root, can't rlogin from particular server without password

Hi Joe,

I found a patch that might interest you.

http://www5.itrc.hp.com/service/patch/patchDetail.do?BC=patch.breadcrumb.main|patch.breadcrumb.search|&patchid=PHNE_23003&context=hpux:800:11:00

Check:

PHNE_17028:

1. When the patch PHNE_16091 is installed, remshd/rexecd
fails to transmit the error message to the client. When
the user gives invalid input to remsh/rexec, then the
error message will not be displayed to the user.
This happens only when the user is in ksh.

2. In NIS environment, rlogin prompts for the password
even if there is an entry in the .rhosts file. Even
if the user tries to give the password, it will report
as Login incorrect.



HTH.

Gideon
0 Kudos
Reply
Jay Core
Frequent Advisor

тАО01-08-2004 10:11 AM

тАО01-08-2004 10:11 AM

Re: As root, can't rlogin from particular server without password

Gideon,

thanks! I do have this patch on my system. Let me check this out fully tomorrow, and I'll assign you the full 10 points if this fixes it - thanks!

Joe
0 Kudos
Reply
Elmar P. Kolkman
Honored Contributor

тАО01-08-2004 05:29 PM

тАО01-08-2004 05:29 PM

Re: As root, can't rlogin from particular server without password

One more thing you can test: do the rlogin to get to host9 from host7 and look at the output of 'netstat -af inet'. Look for lines on the login port and see what name host7 has in those lines. Perhaps there is a IP domain issue or it is using a network route you didn't anticipate...
Every problem has at least one solution. Only some solutions are harder to find.
0 Kudos
Reply
Todd McDaniel_1
Honored Contributor

тАО01-09-2004 06:11 AM

тАО01-09-2004 06:11 AM

Re: As root, can't rlogin from particular server without password

Joe,

First, I would recommend that you make sure your services are all running just in case.


Next, I would NOT recommend using /etc/hosts.equiv, It can be more dangerous than merely using .rhosts. From the manpage....

quote: "The
/etc/hosts.equiv file defines system-wide equivalency, whereas a
user's .rhosts file defines equivalency between the local user and any
remote users to whom the local user chooses to allow or deny access."

end quote

Of course with root you will have full equivalency but .rhosts is less of a hole than hosts.equiv will be. As a rule, I usu avoid it, if at all possible.


IN addition, I would ask you to check the file /etc/hosts.allow and hosts.deny... to ensure you dont have anything configured there to prevent connection.

OR you may need to ADD a lines like this...

rlogind : all : banners=/usr/localcw/opt/sysguard/banners : allow
remshd: all : banners=/usr/localcw/opt/sysguard/banners : allow
rexecd : all : banners=/usr/localcw/opt/sysguard/banners : allow
Unix, the other white meat.
0 Kudos
Reply
Jay Core
Frequent Advisor

тАО01-09-2004 09:14 AM

тАО01-09-2004 09:14 AM

Re: As root, can't rlogin from particular server without password

Gideon,

thanks again, but I do have the PHNE_23003 on our server, and we are able to log into the server when
the password is entered.

Thanks again,
Joe



Elmar,

something on the login lines of the output of the "netstat -af inet" command looks a little
kludgy. I am holding off issuing ppoints, because if this solves the problem
I want to give you the full 10.

Thanks,
Joe



Todd,

thanks - all my services are running. I am not using hosts.equiv. I do not have a hosts.allow
or a hosts.deny file. As far as adding those lines, I'm a little leery doing this because none
of the other servers need these entries and are working fine.

Thank you, though, for all your input.
Joe
0 Kudos
Reply
Todd McDaniel_1
Honored Contributor

тАО01-09-2004 09:17 AM

тАО01-09-2004 09:17 AM

Re: As root, can't rlogin from particular server without password

No points here...

yes that was only a suggestion if you were using the hosts.allow and deny files...

If you aren't using them then you won't usually have the files at all. so disregard that portion.
Unix, the other white meat.
0 Kudos
Reply
Jay Core
Frequent Advisor

тАО01-09-2004 09:46 AM

тАО01-09-2004 09:46 AM

Re: As root, can't rlogin from particular server without password

Thanks Todd,

Dude - I gotta give at least 1 point for the reply - thanks.

Joe
0 Kudos
Reply
Jay Core
Frequent Advisor

тАО01-09-2004 09:47 AM

тАО01-09-2004 09:47 AM

Re: As root, can't rlogin from particular server without password

Hmmm, it didn't let me give you a point - sorry.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.