https://community.hpe.com/t5/operating-system-hp-ux/rlogind-complained-about-quot-connection-on-illegal-port-quot/m-p/3409137#M202246 Hi all,<BR /><BR />I'm setting up rdist job between servers across WAN. I need to setup remote trust between servers before I started(rlogin/remsh), but when I try rlogin from the rdist master server to clients, I always get "rlogind: Permission denied." and on the target server, I can find rlogind complained about "Connection on illegal port" in the syslog.<BR />those 2 servers can rlogin to or accept rlogin within their own LAN, and tcpdump shows rlogin request always come from port 1023. But when I tried rlogin accross WAN, tcpdump shows the request came from some ramdom high port like 12055.<BR />I'm just wondering, is port 1023 hard coded in the rlogin client binary, or is defined somewhere? Wed, 27 Oct 2004 09:19:51 GMT Gary Yu 2004-10-27T09:19:51Z https://community.hpe.com/t5/operating-system-hp-ux/rlogind-complained-about-quot-connection-on-illegal-port-quot/m-p/3409137#M202246 Hi all,<BR /><BR />I'm setting up rdist job between servers across WAN. I need to setup remote trust between servers before I started(rlogin/remsh), but when I try rlogin from the rdist master server to clients, I always get "rlogind: Permission denied." and on the target server, I can find rlogind complained about "Connection on illegal port" in the syslog.<BR />those 2 servers can rlogin to or accept rlogin within their own LAN, and tcpdump shows rlogin request always come from port 1023. But when I tried rlogin accross WAN, tcpdump shows the request came from some ramdom high port like 12055.<BR />I'm just wondering, is port 1023 hard coded in the rlogin client binary, or is defined somewhere? Wed, 27 Oct 2004 09:19:51 GMT https://community.hpe.com/t5/operating-system-hp-ux/rlogind-complained-about-quot-connection-on-illegal-port-quot/m-p/3409137#M202246 Gary Yu 2004-10-27T09:19:51Z https://community.hpe.com/t5/operating-system-hp-ux/rlogind-complained-about-quot-connection-on-illegal-port-quot/m-p/3409138#M202247 How about checking /etc/services/klogin ..there shall be one defined the service port..<BR /><BR />check your inetd.conf which also shall have this entry to make connections..<BR />How is the trusting between two hosts..just check rlogin man page or remsh man page..<BR /><BR />check for hosts.equiv or .rhosts files..<BR /><BR />Thanks<BR />Prashant Wed, 27 Oct 2004 09:33:41 GMT https://community.hpe.com/t5/operating-system-hp-ux/rlogind-complained-about-quot-connection-on-illegal-port-quot/m-p/3409138#M202247 Prashant Zanwar_4 2004-10-27T09:33:41Z https://community.hpe.com/t5/operating-system-hp-ux/rlogind-complained-about-quot-connection-on-illegal-port-quot/m-p/3409139#M202248 thanks Prashant, /etc/service file defines port for servers (rlogind and remshd), but the problem here seemed to be the client port, I don't know if it's a designed behavior for rlogin(the client) to use static port 1023 on the client side to make request.<BR /><BR />thanks<BR />Gary Wed, 27 Oct 2004 09:45:41 GMT https://community.hpe.com/t5/operating-system-hp-ux/rlogind-complained-about-quot-connection-on-illegal-port-quot/m-p/3409139#M202248 Gary Yu 2004-10-27T09:45:41Z https://community.hpe.com/t5/operating-system-hp-ux/rlogind-complained-about-quot-connection-on-illegal-port-quot/m-p/3409140#M202249 OK, I think I found the answer. to use port under 1024 from the client is a security feature of the "remote" utilities family, because all these binaries have the set uid bit, only root can open port below 1024, so that the server knows the request did from "rlogin" client, not a fake request. And I also did tcpdump from the client, it also shows the request initiated from port 1023. But I still need to figure out how it ended up with other ports to the server -- must be some firewall rules along the way...<BR /><BR />thanks,<BR />Gary Wed, 27 Oct 2004 10:35:32 GMT https://community.hpe.com/t5/operating-system-hp-ux/rlogind-complained-about-quot-connection-on-illegal-port-quot/m-p/3409140#M202249 Gary Yu 2004-10-27T10:35:32Z