HPE Community
Operating System - HP-UX
1846821 Members
11275 Online
110256 Solutions
New Discussion

problems with rcp

 
SOLVED
Go to solution
Greta Blamire
Frequent Advisor

‎10-31-2000 09:26 AM

‎10-31-2000 09:26 AM

problems with rcp

I'm trying to rcp to work between a couple of my servers, they are both on 11.0. One is a K series, the other an R. I understood the man page on rcp that the user has to be on both system with the same password. I have done this, but it still gives me a invalid login error when I attempt to rcp. The syntax I'm using is:
#rcp *dml root@dev:/u01/fserrano
Another possible aspect of the problem is when I attempt a rlogin with root between the two servers it asks me for the password even though it is the same. I think if I can get rlogin to not ask for a password, then rcp would also work. Thanks for your help!
If you can't face the facts, change them!
0 Kudos
Reply
7 REPLIES 7
Tom Danzig
Honored Contributor

‎10-31-2000 09:30 AM

‎10-31-2000 09:30 AM

Re: problems with rcp

You need to set up .rhosts to allow remote operation without a password. You could use /etc/hosts.equiv also but that won't work for root.

Do a man on .rhosts
Reply
Patrick Wallek
Honored Contributor

‎10-31-2000 09:30 AM

‎10-31-2000 09:30 AM

Re: problems with rcp

You will need to have a .rhosts file in the / (root) directory that has root in it. That should help the rcp/rlogin problems. Check the man page on .rhosts for more ways to tighten security on that.

They syntax I generally use for rcp is 'rcp file machine:/directory/file'. I haven't used the user@machine:/directory syntax.
Reply
Timothy Czarnik
Esteemed Contributor

‎10-31-2000 09:31 AM

‎10-31-2000 09:31 AM

Solution

Re: problems with rcp

Greta,

If the user doing the rcp has a .rhosts file in their home directory (root included), then you won't get the password prompt. The .rhosts file contains the names of the systems that the user can access without a password (using rlogin, rcp, etc...) from that server.

.rhosts on ServerA would include:
ServerB username
ServerB.domain.com username

.rhosts on ServerB would include:
ServerA username
ServerB.domain.com username

Please note that using a .rhosts file is incredibly UNSAFE with regards to system security, especially if you have them for the root account. You can also check out the /etc/hosts.equiv file man pages for more info.

Hope this helps.

-Tim
Hey! Who turned out the lights!
Reply
Stefan Farrelly
Honored Contributor

‎10-31-2000 09:33 AM

‎10-31-2000 09:33 AM

Re: problems with rcp


You want to get remsh to work without a password. Then you will be able to use rcp.

No, you dont need the passwords on both systems to be the same. It doesnt matter what the passwords are.

You want to setup a .rhosts file in the home dir of the user you use to remsh or rcp to the remote server. See man rhosts
Im from Palmerston North, New Zealand, but somehow ended up in London...
Reply
Timothy Czarnik
Esteemed Contributor

‎10-31-2000 10:02 AM

‎10-31-2000 10:02 AM

Re: problems with rcp

Ooops! In my earlier description of the .rhosts file I had a mistype. It should actually be

.rhosts on ServerA would include:
ServerB username
ServerB.domain.com username

.rhosts on ServerB would include:
ServerA username
ServerA.domain.com username

I apologize for this!

-Tim
Hey! Who turned out the lights!
Reply
Greta Blamire
Frequent Advisor

‎10-31-2000 11:53 AM

‎10-31-2000 11:53 AM

Re: problems with rcp

Okay, I got it, Thanks for all the great answers! Tim, I took your warning seriously and removed the .rhosts files after I was done. Thanks again!
If you can't face the facts, change them!
0 Kudos
Reply
Alan Riggs
Honored Contributor

‎10-31-2000 12:05 PM

‎10-31-2000 12:05 PM

Re: problems with rcp

An .rhosts file is not inherently unsafe. So long as permissions are kept locked down properly, an .rhosts file provides no avenue for easy penetration to a system.

What it does do, however, is increase the risk that a single penetration will compromise multiple servers. Many admins also do not like users to maintain individual .rhosts netries because it places that user in the position of gatekeeper to system access. Theoretically, this is no more of a risk than allowing the user to know his own password, but on a practical level mst users are more likely to be careless with an .rhosts entry than with their password.

For myself, I simply make it a point to alert whenever an .rhosts file has been changed and verify that the change does not openthe account to anyone it shouldn't.
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.