1833875 Members
2707 Online
110063 Solutions
New Discussion

remsh, rlogin

 
Amir Fadaghi
Advisor

remsh, rlogin

every time I try to user rlogin like :
rlogin remote-hostname -l user-name
I am getting the
connection closed
message. I have checked /etc/services and /etc/inetd.conf and none of the related commands are commented out. Is there anything else I should be checking that I am not. I am not using DNS either just the local host.
I apprecite the help
reach and touch someone
8 REPLIES 8
Rodney Hills
Honored Contributor

Re: remsh, rlogin

The user-name home path on remote-host must have a .rhosts file with a line for each hosts that are allowed to rlogin. This file should not be writable by anyone except the owner.
There be dragons...
Jim Turner
HPE Pro

Re: remsh, rlogin

Hi Amir,

There are a number of issues you need to check.

1. If you made any changes to /etc/inetd.conf in order to activate rlogin, you will need to execute "inetd -c" to make the changes effective.

2. You mention that you use only /etc/hosts on both machines. Ensure that both local and remote machines nslookup (hostname -> IP and IP -> hostname) correctly on both machines. If not, edit /etc/hosts and make corrections. Also make sure your /etc/nsswitch.conf file on both machines specify the use of /etc/hosts (files) before any other name service.

3. Are you attempting the rlogin as user "root"? If so, make sure there is an entry in /.rhosts on the remote machine for the local machine's name. If you are trying to rlogin as a non-root user, make sure there is an entry in /etc/hosts.equiv on the remote machine for the local machine's name.

4. It's also a good idea to have your UID's and GID's consistent between machines.

5. Check available resources such as
man 1 rlogin
man r hosts.equiv

Best Regards,
Jim
Jim Turner
HPE Pro

Re: remsh, rlogin

Oops. That last one should be "man 4 hosts.equiv". I wish I could type.
Jimmy Rogers
Frequent Advisor

Re: remsh, rlogin

Also you want to check the file /var/adm/inetd.sec and make sure exec and login fields are set to allow rather than deny.

If you aren't sure if your network is secure, you should get ssh and use it rather than the "r" commands.

Good luck!
J.R.
Amir Fadaghi
Advisor

Re: remsh, rlogin

the .rhosts is for not wanting to enter the password, am I correct? I am not even getting the
password:
prompt. I am not getting UNKNOWN host error or something like that just connection closed message. I do not have /var/adm/inetd.sec either. I did not modify /etc/inetd.conf to run inetd -c. What could it be?
thanks
guys
reach and touch someone
Shannon Petry
Honored Contributor

Re: remsh, rlogin

You should check first /var/adm/inetd.sec. This file acts like it's big brother tcp_wrappers. It can allow or deny access to the given host based on a ruleset.
Since you are getting immediately connected I would be willing to bet that inetd.sec is the problem, or someone installed tcp-wrappers.

If you are connecting to a Sun, as root there is a security feature in a file called /etc/default/login. In order to login remotely as root, you must comment out a Console line.

Regards,
Shannon
Microsoft. When do you want a virus today?
KapilRaj
Honored Contributor

Re: remsh, rlogin

Hi Amir (u Amir Khan ?),

If i face a prob like this,i would do the following,

01. ping remote host
02. telnet remote host

You can look for some probs in the remote machine.

Whether /etc/inetd.conf contain a line as follows,

login stream tcp nowait root /usr/lbin/rlogind

If does not exist create it and do inetd -c (It reads the file once again.

Do checkup for some netwrk probs also. If any socket error happens , rlogind reject the connection with "Connection closed" message.

Best Wishes,

kaps
Nothing is impossible
KapilRaj
Honored Contributor

Re: remsh, rlogin



Amir

Please check up whether both the machines are pinging to each other or not by using IP address. If not, there is some network connectivity problem

If it is pinging, then U can check the entry in remote machine's /var/adm/inetd.sec. here ur local machine name should not be there after deny option.

I don't think .rhost file and hosts.equiv files will come in to picture here.

Best of luck
Shahul

Nothing is impossible