Re: problem conecting to remshd from linux box

Victor Gonzalez_4 · ‎11-16-2004

Hi,
I'm getting an error when conecting from a linux box to the remshd server on my hp-ux server. The strange thing is that i'm able to login remotely to the server from the same linux box. In other words if I execute: "rsh hp-server" i get logged in, but if I execute "rsh hp-server date" i get:

poll: protocol failure in circuit setup

I have an aparently correct .rhosts in the users acount at the server.

Can anyone please help me with this?

The hp server is an hp 9000/803/D220 model with HP-UX B11.11

Thanks

John Poff · ‎11-16-2004

Hi,

One thing to check is to make sure that each host correctly resolves the hostname and IP address of both hosts. I think you can get that error when there is a resolution problem.

JP

Victor Gonzalez_4 · ‎11-16-2004

Thanks,But they both resolves the hostnames correctly. Each of them have the corresponding entry in their /etc/hosts files.Another problem which I have, and which is related to the previous one, is that i can't find any logs from remsh and rlogin.Thanks in advance for any suggestion

Steven E. Protter · ‎11-16-2004

Try it by ip address instead. If ip addy works and hostname does not its a resolution problem.

Files to check
.rhostrs
/etc/hosts.equiv # can be used to bock access
/etc/nsswitch.conf # decides dns versus files
/etc/hosts # see prior line

Good way to grab data

tail -f /var/adm/syslog/syslog.log

Then try and connect from Linux.

SEP

Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com

Victor Gonzalez_4 · ‎11-16-2004

Thank you StevenUnfortunatly, the problem persists. Changed th FQDN in .rhosts for IP number, but nothing changes. Besides I don't think that the problem does something to do with resolve problems, because login in remotly (with rlogin) does function properly.When i monitor the syslog log, nothing apears on it after i try to conect. I supose the logging of remsh is disabled, which could be because of the antique OS. I'm not sure abaout this.Thanks anyway.

Ermin Borovac · ‎11-16-2004

Most likely your problem is firewall (iptables/ipchains?) on your linux box.

rsh server (remshd on hp-ux) opens inbound connection to pass stderr and it is connecting back to the client on a random port below 1023. The client sends port number to the server when it initially opens the connection.

The reason why it works when you run rsh without command is that it uses rlogind on the hp-ux end (which doesn't open inbound connection like remshd does).

Sridhar Bhaskarla · ‎11-16-2004

Hi Victor,

Since you are able to logon using 'rsh', I don't believe you have any issues with name resolution.

So, I would check the services on HP system mainly. Look to see if the services 'shell, login and exec' are enabled in /etc/services and /etc/inetd.conf and are not restricted for Linux server in /var/adm/inetd.sec. Similarly look for these services (/etc/services ?) on the Linux server as well to see if they are properly resolving the services to port numbers.

-Sri

You may be disappointed if you fail, but you are doomed if you don't try

Victor Gonzalez_4 · ‎11-17-2004

Thanks

I just confirmed that there is no firewall running on the linux box. I don't know if it's possible to block incomming conections by other means, but that's hardly the case.

On the Hp system, the three services are enabled in the /etc/services file:

exec 512/tcp # remote execution, passwd required
login 513/tcp # remote login
who 513/udp whod # remote who and uptime
shell 514/tcp cmd # remote command, no passwd used

And they are also enabled for inetd:

login stream tcp nowait root /usr/lbin/rlogind rlogind
shell stream tcp nowait root /usr/lbin/remshd remshd
exec stream tcp nowait root /usr/lbin/rexecd rexecd

Also, the hp system does not use restriction for inetd.

A strange thing i have noticed is that on the hp system, is detected a conection from the linux box. The output of netstat just after the rsh attempt is something like this:

tcp 0 0 HPSERVER.shell LINUXBOX.1023 TIME_WAIT

Any help would be greatly apreciated.

Thanks in advance

Sridhar Bhaskarla · ‎11-17-2004

Hi Victor,

tcp 0 0 HPSERVER.shell LINUXBOX.1023 TIME_WAIT

Do not worry about the above. It is in TIME_WAIT condition as a result of your previous 'rsh' command. You may need to do little bit more debugging.

1. If you have another Linux box, try doing 'rsh' to it and see if it works.
2. If you have another HP system, try doing 'remsh' from one HP box to other.

If both the above are working, then I wonder about 'rsh' implementation differences between HP and Linux. May HP is not able to understand what Linux is saying. Theoritically, they should be the same as they are supposed to use the same Berkeley suite.

-Sri

You may be disappointed if you fail, but you are doomed if you don't try

Victor Gonzalez_4 · ‎11-17-2004

Thank you Sri

Unfortunatly we don't have another Hp system. So i couldn't test conecting from a similar machine. I tried to connect from all the boxes in the lan, included one sun system. All the linuxes responded with the same message (poll: protocol failure in circuit setup) but the sun box didn't print any message. It simply returned inmediatly.

I just tried to connect with remsh from the hp server to itself and it did not succeed. So i think that it's inquestionable that the problem is on the serverside. The message i received was:

$ remsh HPSERVER date
rcmd: recv: Connection reset by peer

I really haven't any clue of what might be causing this. Could any one please give me some more advices?

Thanks

Sridhar Bhaskarla · ‎11-17-2004

Hi,

Use 'lsof' to determine what is exactly running at port 514 (and 512 and 513)

These should be the permissions on remshd.

-r-xr--r-- 1 bin bin 36864 Sep 9 2002 /usr/lbin/remshd

-Sri

You may be disappointed if you fail, but you are doomed if you don't try

Victor Gonzalez_4 · ‎11-17-2004

Hello

Thanks for your interest.

The permissions of remshd are the correct ones:

-r-xr--r-- 1 bin bin 32768 Nov 14 2000 /usr/lbin/remshd

And with lsof i got the folowing output:

# ./lsof -iTCP:512,513,514
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
inetd 868 root 8u inet 0x28f3440 0t0 TCP *:login (LISTEN)
inetd 868 root 9u inet 0x28f3540 0t0 TCP *:shell (LISTEN)
inetd 868 root 10u inet 0x28f3640 0t0 TCP *:exec (LISTEN)

Which i think, seems to be correct.

Thanks

RAC_1 · ‎11-17-2004

Post the output of the following.

rsh hp-server date;rsh hp-server date

Wait for about 10 secs.

resh hp-server date

Anil

There is no substitute to HARDWORK

Victor Gonzalez_4 · ‎11-17-2004

Hi

The output from the linux system is as follows:

bash-2.05a$ rsh hpserver date;rsh hpserver date
poll: protocol failure in circuit setup
poll: protocol failure in circuit setup
bash-2.05a$ rsh hpserver date
poll: protocol failure in circuit setup

And from the hpserver:

$ remsh hpserver date; remsh hpserver date
rcmd: recv: Connection reset by peer
rcmd: recv: Connection reset by peer
$ remsh hpserver date
rcmd: recv: Connection reset by peer

You think it may be a problem of a kind of timeout or something like that?

Thanks

RAC_1 · ‎11-17-2004

I was think may be linux or hp box is running out of ports..

Do you have tusc or equivalent?? (on linux)

tusc -vfp "remsh hp-server date"

Anil

There is no substitute to HARDWORK

Sridhar Bhaskarla · ‎11-17-2004

Hi Victor,

At this time, I would run 'tusc' on 'inetd' (follow forks), run 'remsh' and see if I get any clues. Is 'logging' enabled with inetd?.

#inetd -l
#tail -f /var/adm/syslog/syslog.log
#remsh localhost -n 'll /etc/passwd'

-Sri

You may be disappointed if you fail, but you are doomed if you don't try

Ermin Borovac · ‎11-17-2004

Please check your /var/adm/inetd.sec file.

Any lines starting with word 'shell' are suspect.

Victor Gonzalez_4 · ‎11-17-2004

Hi,

I feel a little bit stupid now... but well. Thank you Sridhar and Ermin. The services where disabled in inetd.sec. I didn't read carefully the first time Sid suggested that. Sorry for the loss of time.

Thanks again

Victor

Victor Gonzalez_4 · ‎11-17-2004

The services where denying connections, as of settings in /var/adm/inetd.sec.

Thanks for your help

Victor

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: problem conecting to remshd from linux box

problem conecting to remshd from linux box