https://community.hpe.com/t5/operating-system-linux/can-t-rsh-to-a-rhas2-1/m-p/3410483#M71054 Ok, now as has been mentioned in a few other posts, the firewall. Need to make sure port 513 (I believe off the top of my head) is opened up from the RH62 server.<BR /><BR />Next thing to do is to make sure that /etc/hosts.allow and /etc/hosts.deny aren't dis-allowing it (is there an ALL:ALL in '/etc/hosts.deny' ? or any reference to 'in.rshd' ?).<BR /><BR />Other than that, refreshing the 'xinetd' config using 'service xinetd reload', and ensuring no errors show up in '/var/log/messages', and that the 'rsh' service is listed.<BR /><BR />That should account for a 'Connection refused' error. Sun, 31 Oct 2004 22:41:48 GMT Stuart Browne 2004-10-31T22:41:48Z https://community.hpe.com/t5/operating-system-linux/can-t-rsh-to-a-rhas2-1/m-p/3410477#M71048 Hi <BR />I am trying to do a rsh to a RHAS2.1 server from another RedHat6.2 server but it failed <BR /><BR />(redhat 6.2 server)$ /usr/bin/rsh -l mon 192.168.23.54 'ls'<BR />"192.168.23.54: Connection refused" message<BR /><BR />On the RHAS2.1 server, there are no logs that indicate the failure in the /var/log/messages<BR /><BR />In /etc/xinetd.d/rsh, disable=no<BR /><BR />On the RHAS2.1 server, the user mon can rsh to itself without any problems<BR /><BR />what could be the problem? Thu, 28 Oct 2004 21:48:32 GMT https://community.hpe.com/t5/operating-system-linux/can-t-rsh-to-a-rhas2-1/m-p/3410477#M71048 kenny chia 2004-10-28T21:48:32Z https://community.hpe.com/t5/operating-system-linux/can-t-rsh-to-a-rhas2-1/m-p/3410478#M71049 Is iptables firewall on RHAS 2.1 server active?<BR /><BR /># iptables -L Fri, 29 Oct 2004 00:54:49 GMT https://community.hpe.com/t5/operating-system-linux/can-t-rsh-to-a-rhas2-1/m-p/3410478#M71049 Ermin Borovac 2004-10-29T00:54:49Z https://community.hpe.com/t5/operating-system-linux/can-t-rsh-to-a-rhas2-1/m-p/3410479#M71050 Kenny,<BR /><BR />On my RH 8.0 I must set a list of trusted hosts and users for rsh in /etc/hosts.equiv in a format:<BR /><BR />[+|-] [hostname] [username]<BR /><BR />Please see man hosts.equiv.<BR /><BR />Bojan Fri, 29 Oct 2004 04:37:50 GMT https://community.hpe.com/t5/operating-system-linux/can-t-rsh-to-a-rhas2-1/m-p/3410479#M71050 Bojan Nemec 2004-10-29T04:37:50Z https://community.hpe.com/t5/operating-system-linux/can-t-rsh-to-a-rhas2-1/m-p/3410480#M71051 The RHAS2.1 server is allowing ssh, does that mean that rsh cannot be used? Fri, 29 Oct 2004 04:41:44 GMT https://community.hpe.com/t5/operating-system-linux/can-t-rsh-to-a-rhas2-1/m-p/3410480#M71051 kenny chia 2004-10-29T04:41:44Z https://community.hpe.com/t5/operating-system-linux/can-t-rsh-to-a-rhas2-1/m-p/3410481#M71052 This are two different things. ssh and rsh have very similar functionality but they are two different programs with two different daemons. It is better practice to use ssh because the communication is cripted.<BR /><BR />So if you want to use rsh you need to specify which users and hosts you trust.<BR /><BR />For the ssh security see man ssh.<BR /><BR />Bojan Fri, 29 Oct 2004 06:22:43 GMT https://community.hpe.com/t5/operating-system-linux/can-t-rsh-to-a-rhas2-1/m-p/3410481#M71052 Bojan Nemec 2004-10-29T06:22:43Z https://community.hpe.com/t5/operating-system-linux/can-t-rsh-to-a-rhas2-1/m-p/3410482#M71053 Sorry,<BR /><BR />Rereading my post I see that I forgot to answer your question.<BR />Both rsh and ssh can be used on the same system. They work on two different tcpip ports.<BR /><BR />Bojan<BR /> Fri, 29 Oct 2004 06:30:23 GMT https://community.hpe.com/t5/operating-system-linux/can-t-rsh-to-a-rhas2-1/m-p/3410482#M71053 Bojan Nemec 2004-10-29T06:30:23Z https://community.hpe.com/t5/operating-system-linux/can-t-rsh-to-a-rhas2-1/m-p/3410483#M71054 Ok, now as has been mentioned in a few other posts, the firewall. Need to make sure port 513 (I believe off the top of my head) is opened up from the RH62 server.<BR /><BR />Next thing to do is to make sure that /etc/hosts.allow and /etc/hosts.deny aren't dis-allowing it (is there an ALL:ALL in '/etc/hosts.deny' ? or any reference to 'in.rshd' ?).<BR /><BR />Other than that, refreshing the 'xinetd' config using 'service xinetd reload', and ensuring no errors show up in '/var/log/messages', and that the 'rsh' service is listed.<BR /><BR />That should account for a 'Connection refused' error. Sun, 31 Oct 2004 22:41:48 GMT https://community.hpe.com/t5/operating-system-linux/can-t-rsh-to-a-rhas2-1/m-p/3410483#M71054 Stuart Browne 2004-10-31T22:41:48Z https://community.hpe.com/t5/operating-system-linux/can-t-rsh-to-a-rhas2-1/m-p/3410484#M71055 Hi<BR /><BR />On the RHAS2.1 server, the user mon can rsh to itself without any problems<BR /><BR />iptables is not enabled<BR /><BR />I have added the entries into /etc/hosts.equiv<BR /><BR />/etc/hosts.deny and /etc/hosts.allow are empty<BR /><BR />I ran the command<BR /><BR />service xinetd reload <BR /><BR />/var/log/messages does not show that it is removed.<BR /><BR /> Sun, 31 Oct 2004 23:33:51 GMT https://community.hpe.com/t5/operating-system-linux/can-t-rsh-to-a-rhas2-1/m-p/3410484#M71055 kenny chia 2004-10-31T23:33:51Z https://community.hpe.com/t5/operating-system-linux/can-t-rsh-to-a-rhas2-1/m-p/3410485#M71056 hi Kenny,<BR />there is yet another way how to do it working<BR /><BR />place on remote box into $HOME of connecting user file .rhosts with following line<BR />box1 user1<BR />box2 user1<BR />(trused box and user)<BR /><BR />boxes must be also in /etc/hosts <BR /><BR />also check if all r<BR /><BR />check also if rcpbind is running on remote box<BR /><BR />rpcinfo -p <REMOTE ip=""><BR /><BR />br Jan<BR /></REMOTE> Mon, 01 Nov 2004 20:06:29 GMT https://community.hpe.com/t5/operating-system-linux/can-t-rsh-to-a-rhas2-1/m-p/3410485#M71056 Jan Sladky 2004-11-01T20:06:29Z https://community.hpe.com/t5/operating-system-linux/can-t-rsh-to-a-rhas2-1/m-p/3410486#M71057 Jan is getting the closest.<BR /><BR />As you are RSH'n from userA to user 'mon', the .rhosts for the 'mon' user needs to know that you're also coming from a different user.<BR /><BR />rh62serv <USER-COMING-FROM><BR /><BR />Add that entry to mon's .rhosts file, and you'll get more joy.</USER-COMING-FROM> Mon, 01 Nov 2004 21:44:39 GMT https://community.hpe.com/t5/operating-system-linux/can-t-rsh-to-a-rhas2-1/m-p/3410486#M71057 Stuart Browne 2004-11-01T21:44:39Z https://community.hpe.com/t5/operating-system-linux/can-t-rsh-to-a-rhas2-1/m-p/3410487#M71058 Hi <BR />IMHO I think there is no permission problems as it reported "Connection refused" rather than "Permission denied"<BR /><BR />Could it be a pam problem?<BR />this is the contents of my /etc/pam.d/rsh<BR /><BR />#%PAM-1.0<BR /># For root login to succeed here with pam_securetty, "rsh" must be<BR /># listed in /etc/securetty.<BR />auth required /lib/security/pam_nologin.so<BR />auth required /lib/security/pam_securetty.so<BR />auth required /lib/security/pam_env.so<BR />auth required /lib/security/pam_rhosts_auth.so<BR />account required /lib/security/pam_stack.so service=system-auth<BR />session required /lib/security/pam_stack.so service=system-auth Mon, 01 Nov 2004 22:48:50 GMT https://community.hpe.com/t5/operating-system-linux/can-t-rsh-to-a-rhas2-1/m-p/3410487#M71058 kenny chia 2004-11-01T22:48:50Z https://community.hpe.com/t5/operating-system-linux/can-t-rsh-to-a-rhas2-1/m-p/3410488#M71059 It could be, but 'Connection refused' usually means that something is not allowing it to connect rather than dropping the connection.<BR /><BR />Ensure that the 'rsh' service is listening, using:<BR /><BR />netstat -ntlp | grep xinetd<BR /><BR />One of the listed ports should be 514 (Yes, I was wrong the other day).<BR /><BR />If it's not, then use 'chkconfig rsh on' and do it again. Tue, 02 Nov 2004 17:00:18 GMT https://community.hpe.com/t5/operating-system-linux/can-t-rsh-to-a-rhas2-1/m-p/3410488#M71059 Stuart Browne 2004-11-02T17:00:18Z