HPE Community
Operating System - HP-UX
1833788 Members
2434 Online
110063 Solutions
New Discussion

rcp and remsh problem

 
SOLVED
Go to solution
Brad Marks
Super Advisor

‎07-15-2004 06:09 AM

‎07-15-2004 06:09 AM

rcp and remsh problem

I am trying to execute the following command:
rcp root@fkigb:/usr2/x/bam/TEST /usr2/x/bam/TEST

I am getting the following error message:
remshd: Login incorrect.

If I remsh fkigb -l root, it works fine!

Any help very appreciated & points awarded.
Thanks,
Brad
It's not impossible -- it'll just cost more...
0 Kudos
6 REPLIES 6
Karthik S S
Honored Contributor

‎07-15-2004 06:14 AM

‎07-15-2004 06:14 AM

Re: rcp and remsh problem

As far you have .rhosts entries for you localhost in fkigb the following command should work fine.

rcp fkigb:/usr2/x/bam/TEST /usr2/x/bam/TEST

-Karthik S S

For a list of all the ways technology has failed to improve the quality of life, please press three. - Alice Kahn
0 Kudos
Todd McDaniel_1
Honored Contributor

‎07-15-2004 06:21 AM

‎07-15-2004 06:21 AM

Re: rcp and remsh problem


As long as you have root equivalency on both boxes you dont need the user name. it will just confuse the other system.

rcp hostname:/from/file/here /to/file/here
Unix, the other white meat.
0 Kudos
Brad Marks
Super Advisor

‎07-15-2004 06:24 AM

‎07-15-2004 06:24 AM

Re: rcp and remsh problem

I took a look at the man page for rosts and found that by adding "+ root", everyting suddenly works!
Thanks for the help, though!
It's not impossible -- it'll just cost more...
0 Kudos
Todd McDaniel_1
Honored Contributor

‎07-15-2004 06:29 AM

‎07-15-2004 06:29 AM

Solution

Re: rcp and remsh problem

BRAD!!!

NEVER USE + in the .rhosts file... that is a bad no no...


From the man page...

+ Any remote host name matches the host
name + in hostequiv.

This means that anyone who can hack your /etc/hosts.equiv... which I strongly hope you arent using...

from hosts.equiv manpage...

Users from equivalent remote hosts are
permitted to access a local account using rcp or remsh or to rlogin to
the local account without supplying a password

Try to refrain from using /etc/hosts.equiv...

And in .rhosts put only the specific hosts you want to give access to any other hosts.


Also, I would recommned using /etc/hosts.allow and /etc/hosts.deny to regulate what processes can access your boxes...

here is asample of my /etc/hosts.allow:

# cat /etc/hosts.allow
#all : all : banners=/usr/localcw/opt/sysguard/banners : allow
ftpd : all : banners=/usr/localcw/opt/sysguard/banners : allow
telnetd : all : banners=/usr/localcw/opt/sysguard/banners : allow
tftpd : all : banners=/usr/localcw/opt/sysguard/banners : allow
logind : all : banners=/usr/localcw/opt/sysguard/banners : allow
rlogind : all : banners=/usr/localcw/opt/sysguard/banners : allow
remshd: all : banners=/usr/localcw/opt/sysguard/banners : allow
sidftpd : all : banners=/usr/localcw/opt/sysguard/banners : allow
rexecd : all : banners=/usr/localcw/opt/sysguard/banners : allow
sshd : all : banners=/usr/localcw/opt/sysguard/banners : allow
Unix, the other white meat.
0 Kudos
Todd Whitcher
Esteemed Contributor

‎07-15-2004 10:56 PM

‎07-15-2004 10:56 PM

Re: rcp and remsh problem

Hi Brad,

Regarding /etc/hosts.allow and /etc/hosts.deny you will need to install tcp wrappers for that feature. TCP wrappers are simple to set up. Here is a reference to the manual.

http://www.docs.hp.com/hpux/onlinedocs/B2355-90774/B2355-90774.html

You can download HP's TCP Wrappers application from software.hp.com, just search on tcp wrappers.

Since putting + root in the
configuration file solved your problem what I suspect is a name resolution issue on the destination system fkigb. If you used the short name for the remote system, test it w/ the fully qualified name.




A good test is to rlogin or telnet to fkigb and run " who -Rm" and check to see how your client resolves in the output...fully qualified or shortname ) whatever you get is what you need to put in .rhosts.

ex.
who -Rm
root pts/tb Jul 16 05:44 (gator.atl.hp.com)

For security, dont just put + root in the configuration. For added security load HP's secure shell which is also free and available from software.hp.com. TCP wrappers would help you out also.

Hope this helps,

Todd
0 Kudos
Brad Marks
Super Advisor

‎08-24-2004 02:01 PM

‎08-24-2004 02:01 PM

Re: rcp and remsh problem

Thanks all
It's not impossible -- it'll just cost more...
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.