HPE Community
Operating System - HP-UX
1819684 Members
3558 Online
109605 Solutions
New Discussion юеВ

r-services

 
Raghuram Ollakal_1
Advisor

тАО01-08-2002 10:01 AM

тАО01-08-2002 10:01 AM

r-services

I have 4 HP 9000 servers running HPUX 10.20 and HPUX 11.0. From our network control center I got an e-mail saying that the use of " r-services" on UNIX devices are discontinued and replaced with SSH. but one of my HP server is still running " r-services" how do I check this, if it running hwo can I turn this off.
no personal quote
0 Kudos
Reply
5 REPLIES 5
Uday_S_Ankolekar
Honored Contributor

тАО01-08-2002 11:30 AM

тАО01-08-2002 11:30 AM

Re: r-services

Hi,

With var/adm/inted.sec file you can actually control your all r-services.

-USA..
Good Luck..
0 Kudos
Reply
Bill Hassell
Honored Contributor

тАО01-08-2002 12:10 PM

тАО01-08-2002 12:10 PM

Re: r-services

The r-services (such as rcp, rlogin, remsh) are enabled in /etc/inetd.con. The optional security file /var/adm/inetd.sec can be used to narrow down which IP addresses can use them, but to completely disable the -r-daemons, comment out the lines in inetd.conf:

login stream tcp nowait root /usr/lbin/rlogind rlogind
shell stream tcp nowait root /usr/lbin/remshd remshd
exec stream tcp nowait root /usr/lbin/rexecd rexecd

The tell inetd to re-read it's config file with inetd -c and you should find the r-services disabled.


Bill Hassell, sysadmin
0 Kudos
Reply
Craig Rants
Honored Contributor

тАО01-08-2002 12:40 PM

тАО01-08-2002 12:40 PM

Re: r-services

Raghuram,
Besides the information already provided, you will want to chech for .rhost files on you box.

find / -type -f -name .rhosts -exec ll {} \;

You will want to get rid of these files as well. What they are probably doing is blocking tcp ports associated with that traffic i.e. tcp/512, so you even if you use the inetd.sec to control access, you still can't use these services outside your LAN (this assumption is based on my prior government experience).

This isn't the worst thing to happen, ssh has all the capabilites or the r commands.

GL,
C
"In theory, there is no difference between theory and practice. But, in practice, there is. " Jan L.A. van de Snepscheut
0 Kudos
Reply
Darrell Allen
Honored Contributor

тАО01-08-2002 12:53 PM

тАО01-08-2002 12:53 PM

Re: r-services

Hi,

I assume, since you only have 1 server still running the "r" services, this is not a ServiceGuard system. If is is you need to be sure you are using /etc/cmcluster/cmclnodelist before disabling the "r" services.

Darrell
"What, Me Worry?" - Alfred E. Neuman (Mad Magazine)
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.