cancel
Showing results for 
Search instead for 
Did you mean: 

REMOTE SHELL FAILING (remsh)

SOLVED
Go to solution
Vassilios
Frequent Advisor

REMOTE SHELL FAILING (remsh)

Hello,

I have 2 servers that can ping each other:
A HPUX machine (server1), and a Sun Solaris Machine (server2).
I have created 2 logins on server1 and server2 called tutti and frutti

I have on the HPUX machine configured the /etc/hosts on both machines as well as the /etc/hosts.equiv files as follows.

/etc/hosts on server1:

10.x.y.z server1 loghost
10.m.n.o server2

/etc/hosts on server2:

10.m.n.o server2 loghost
10.x.y.z server1

The /etc/hosts.equiv basically look exactly the same on both servers:

/etc/hosts.equiv

server1 tutti
server1 frutti
server2 tutti
server2 frutti

-------------------------

Now, when I login with userid frutti to server2, i can do the following command:

%frutti>remsh server1 ls /
and it gives me a listing of everything on server1's root directory :)

But when I login with userid frutti on server1 (my HPUX machine), and I do the following command:

%frutti>remsh server2 ls /
permission denied

Now, why is that?? How is it server2 can remsh into server1 and yet server1 cannot remsh into server2.

I did a snoop on server2 (its something they have on solaris) .. and I couldnt see any error messages...

Is there an equivalent of snoop on HPUX? I really need to debug this asap. Thanks for your support
14 REPLIES
Steven Schweda
Honored Contributor

Re: REMOTE SHELL FAILING (remsh)

I, for one, would have much more confidence
in your problem description if you didn't try
to hide the actual names and addresses of
everything. You could have a simple
typographical error somewhere, and no one
could tell. No one can get a route to a
10.a.b.c address, so what are you worried
about? Why make things harder than they need
to be?

What does "remsh serverX" (with no command)
do, ask for a password? (Does it work if you
give it the right one?)
TTr
Honored Contributor

Re: REMOTE SHELL FAILING (remsh)

Check the permissions of /etc/hosts.equiv on the solaris host. They should be 644 (-rw-r--r--) at most. Also check the user and group ownership. Not sure what they should be in solaris but if they are not right the file is ignored.
The equivalent of snoop in HP-UX is tusc. It is an add-on product, it might not be installed on your server. (software.hp.com)
Vassilios
Frequent Advisor

Re: REMOTE SHELL FAILING (remsh)

Hi. I fixed it myself :)

You know what is was?
It was the .rhosts file. This has to be located in the $HOME{tutti}.

As for hiding stuff.. how do you know I'm not working for a company that sells icecream and the names of our userid's are tutti and frutti??

I'll give you a few points anyway if you can tell me what the + sign does at the bottom of the .rhosts file? THanks
Torsten.
Acclaimed Contributor

Re: REMOTE SHELL FAILING (remsh)

Do you know about man pages?

http://docs.hp.com/en/B3921-60631/hosts.equiv.4.html

Hope this helps!
Regards
Torsten.

__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.

__________________________________________________
No support by private messages. Please ask the forum!

If you feel this was helpful please click the KUDOS! thumb below!   
Vassilios
Frequent Advisor

Re: REMOTE SHELL FAILING (remsh)

ok.. thanks. i was just trying to find a way to give those who tried to help a way to know that there was a chance to still gain some points.

I don't know what to do now? Do I read the man pages, or do I wait for someone to kindly give me the answer?

OK. I'll read the man pages, for if someone wants any points, can you answer me what the differences (in terms of structure) are between an .rhosts file on HPUX and one on SOlaris ?
Vassilios
Frequent Advisor

Re: REMOTE SHELL FAILING (remsh)

Hi,

Can someone just summarise it anyway for me? What is the + used for in a .rhosts?

Can someone explain this?
(its from the man pages)

+ -hostB + root

What is that doing?

Thanks all,
Torsten.
Acclaimed Contributor

Re: REMOTE SHELL FAILING (remsh)

This one?

.rhosts in the home directory of user chm on hostA contains:

+
-hostB
+ root

User chm from any host is allowed to access account chm on hostA. User root from any host except hostB can access account chm on hostA.

(this is copied from the man page :-)

Hope this helps!
Regards
Torsten.

__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.

__________________________________________________
No support by private messages. Please ask the forum!

If you feel this was helpful please click the KUDOS! thumb below!   
Steven Schweda
Honored Contributor

Re: REMOTE SHELL FAILING (remsh)

> As for hiding stuff.. how do you know I'm
> not working for a company that sells
> icecream and the names of our userid's are
> tutti and frutti??

The same way I know that your IP addresses
are not really 10.m.n.o and 10.x.y.z.

> I'll give you a few points anyway ...

Oh, boy! I _live_ for points awarded by
people who don't know how to ask a question
_or_ read "man" pages.
Vassilios
Frequent Advisor

Re: REMOTE SHELL FAILING (remsh)

Is there an equivalent of snoop on HPUX? I really need to debug this asap.

Thanks for your support


Vassilios
Frequent Advisor

Re: REMOTE SHELL FAILING (remsh)

thanks Torsten,
but what does this mean? the + and - sign??

+
-hostB
+ root

thanks again
Patrick Wallek
Honored Contributor
Solution

Re: REMOTE SHELL FAILING (remsh)

Assuming this is in a .rhosts file in a users home dir.

+ -- Access allowed for user from any host

-hostb -- All access from hostb is DENIED

+ root -- Access allowed for root from any host EXCEPT hostb. Note the space between the '+' and 'root'.



# man rhosts
See example #4 at the end of the man page.
Torsten.
Acclaimed Contributor

Re: REMOTE SHELL FAILING (remsh)

Well, it's explicitly written ... see above.

In general "+" is a wildcard stands for "any" - "-" for "non" or "except".
It depends, what you "write around" ...

Hope this helps!
Regards
Torsten.

__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.

__________________________________________________
No support by private messages. Please ask the forum!

If you feel this was helpful please click the KUDOS! thumb below!   
Vassilios
Frequent Advisor

Re: REMOTE SHELL FAILING (remsh)

Torsten, you are right.. sorry, Im just a bit slow.

Thanks for pointing that out.

Does anyone here know if there's a snooping tool on HPUX? The same as what we have on sun?
TTr
Honored Contributor

Re: REMOTE SHELL FAILING (remsh)

The snoop equivalent in hp-ux is tcpdump. You may already have it in /opt/iexpress/tcpdump, if not download it from http://software.hp.com

I think tusc as I mentioned in my previous reply is a better tool to use to trace processes and find errors.