cancel
Showing results for 
Search instead for 
Did you mean: 

Can't rsh to a RHAS2.1

 
Highlighted
Regular Advisor

Can't rsh to a RHAS2.1

Hi
I am trying to do a rsh to a RHAS2.1 server from another RedHat6.2 server but it failed

(redhat 6.2 server)$ /usr/bin/rsh -l mon 192.168.23.54 'ls'
"192.168.23.54: Connection refused" message

On the RHAS2.1 server, there are no logs that indicate the failure in the /var/log/messages

In /etc/xinetd.d/rsh, disable=no

On the RHAS2.1 server, the user mon can rsh to itself without any problems

what could be the problem?
All Your Bases Are Belong To Us!
11 REPLIES 11
Highlighted
Honored Contributor

Re: Can't rsh to a RHAS2.1

Is iptables firewall on RHAS 2.1 server active?

# iptables -L
Highlighted
Honored Contributor

Re: Can't rsh to a RHAS2.1

Kenny,

On my RH 8.0 I must set a list of trusted hosts and users for rsh in /etc/hosts.equiv in a format:

[+|-] [hostname] [username]

Please see man hosts.equiv.

Bojan
Highlighted
Regular Advisor

Re: Can't rsh to a RHAS2.1

The RHAS2.1 server is allowing ssh, does that mean that rsh cannot be used?
All Your Bases Are Belong To Us!
Highlighted
Honored Contributor

Re: Can't rsh to a RHAS2.1

This are two different things. ssh and rsh have very similar functionality but they are two different programs with two different daemons. It is better practice to use ssh because the communication is cripted.

So if you want to use rsh you need to specify which users and hosts you trust.

For the ssh security see man ssh.

Bojan
Highlighted
Honored Contributor

Re: Can't rsh to a RHAS2.1

Sorry,

Rereading my post I see that I forgot to answer your question.
Both rsh and ssh can be used on the same system. They work on two different tcpip ports.

Bojan
Highlighted
Honored Contributor

Re: Can't rsh to a RHAS2.1

Ok, now as has been mentioned in a few other posts, the firewall. Need to make sure port 513 (I believe off the top of my head) is opened up from the RH62 server.

Next thing to do is to make sure that /etc/hosts.allow and /etc/hosts.deny aren't dis-allowing it (is there an ALL:ALL in '/etc/hosts.deny' ? or any reference to 'in.rshd' ?).

Other than that, refreshing the 'xinetd' config using 'service xinetd reload', and ensuring no errors show up in '/var/log/messages', and that the 'rsh' service is listed.

That should account for a 'Connection refused' error.
One long-haired git at your service...
Highlighted
Regular Advisor

Re: Can't rsh to a RHAS2.1

Hi

On the RHAS2.1 server, the user mon can rsh to itself without any problems

iptables is not enabled

I have added the entries into /etc/hosts.equiv

/etc/hosts.deny and /etc/hosts.allow are empty

I ran the command

service xinetd reload

/var/log/messages does not show that it is removed.

All Your Bases Are Belong To Us!
Highlighted
Trusted Contributor

Re: Can't rsh to a RHAS2.1

hi Kenny,
there is yet another way how to do it working

place on remote box into $HOME of connecting user file .rhosts with following line
box1 user1
box2 user1
(trused box and user)

boxes must be also in /etc/hosts

also check if all r

check also if rcpbind is running on remote box

rpcinfo -p

br Jan
GSM, Intelligent Networks, UNIX
Highlighted
Honored Contributor

Re: Can't rsh to a RHAS2.1

Jan is getting the closest.

As you are RSH'n from userA to user 'mon', the .rhosts for the 'mon' user needs to know that you're also coming from a different user.

rh62serv

Add that entry to mon's .rhosts file, and you'll get more joy.
One long-haired git at your service...