remshd: Login incorrect

David L Brewster · ‎08-30-2006

Something very unusual is happening to me.
My remsh command works every other time to a particular server.
We have 13 servers in all. remsh works consistently between all servers except these two 'medusa' and 'atlas1'.
When on medusa and remsh to atlas1, it works every other time.
Example:
$ hostname
medusa
$ date
Wed Aug 30 10:54:04 EDT 2006
$ remsh atlas1 pwd
remshd: Login incorrect.
$ date
Wed Aug 30 10:54:11 EDT 2006
$ remsh atlas1 pwd
/users/tech/brewsted
$ date
Wed Aug 30 10:54:16 EDT 2006
$

Always works from atlas1 to medusa.
Only from medusa to atlas1 do I see this behavior. Confirmed setup of .rhosts and /etc/hosts.equiv and /etc/hosts.
Don't know why this works, then doesn't work, then works, then doesn't work, etc.
Any ideas?

Dave

IT_2007 · ‎08-30-2006

do you see any errors in syslog.log? check it out.

David L Brewster · ‎08-30-2006

Nothing appears in syslog.log

Peter Godron · ‎08-30-2006

Dave,
are you sure your address is being resolved correctly? How are you resolving your return address (DNS ot /etc/hosts). If multiple DNS, are your servers correctly specified?

Bill Hassell · ‎08-30-2006

Very likely due to DNS in the machine with the .rhosts file. The rules are:

1. .rhosts must be 600 permission or it silently doesn't work

2. The remote computer entries in .rhosts must be resolvable with nslookup. Take each name (or IP address) and run it through nslookup.

3. The incoming client must have a username that matches the same username in the local server. The UID for this user does not have to match the client's UID but the username must match. If these are NIS machines, that is also a source of username problems.

Because it is intermittant, it is likely due to a DNS problem but that will take a long time to figure out. To bypass the problem, make sure you have this in /etc/nsswitch.conf:

hosts: files [NOTFOUND=continue TRYAGAIN=continue] dns

Then put the name and IP address of medusa in /etc/hosts on the atlas1 system.

Bill Hassell, sysadmin

Doug O'Leary · ‎08-30-2006

Hey;

I'd be remiss if I didn't say that the UNIX r commands are a bad idea from the get go. Use ssh. Secure shell with public key authentication gives you everything you have through the UNIX r commands + X11 tunneling + encrypted pipes t/f the remote hosts.

That being said, and in addition to B.Hassel's input, my first step to troubleshooting rlogin problems is to telnet from the problem host to server (medusa -> atlas1 in this case.

When you're logged in,

tty # not the tty number
who -R | grep ${tty}

The address that the system sees you coming from will be the last column. Ensure that's a host name and that it's the one in the ~/.rhosts.

HTH;

Doug

------
Senior UNIX Admin
O'Leary Computers Inc
linkedin: http://www.linkedin.com/dkoleary
Resume: http://www.olearycomputers.com/resume.html

David L Brewster · ‎08-30-2006

Hi Doug:

Thanks for the input.
who -R returns the following on atlas1 after I telnet in from medusa:
# who -R
root console Aug 22 09:22 (atlas1)
root pts/ta Aug 29 07:58 (hp725)
brewsted pts/tb Aug 30 10:51 (medusa.gabrobins)
root pts/tc Aug 29 08:23 (hp725)
#

Note the brewsted line with (medusa.gabrobins). I am expecting this to be simply medusa (like the (hp725) lines).
How would I be able to get my telnet session to resolve to 'medusa'?

Thanks!

IT_2007 · ‎08-30-2006

check your /etc/hosts file
and also nslookup to see if it returns properly.

David L Brewster · ‎08-30-2006

Hi Srini:
Thanks for the input.
Here is my output:
# hostname
atlas1
# nslookup medusa
Using /etc/hosts on: atlas1

looking up FILES
Name: medusa
Address: 199.231.8.1
Aliases: medusa.gabrobins.com

Dave

Victor Fridyev · ‎08-30-2006

Hi,

It looks like you have either problem with direct-reverse name resolution or duplicate IP for one of the servers.
Run 5-6 times
nslookup IP-medusa from atlas
and
mslookup IP-atlas from medusa in order to check 1-st suggestion and ping to IP of a server when it's disconnected from the network

HTH

Entities are not to be multiplied beyond necessity - RTFM

Dave Hutton · ‎08-30-2006

Any chance these two that don't work are 11.23 and the others are 11.something other?

I noticed 11.23 seems to resolve names differently.

David L Brewster · ‎08-30-2006

Hi Dave:

Both machines 11.11.

Dave

Bill Hassell · ‎08-30-2006

Looks like gabrobins (domain) is being added by either:

an alias in /etc/hosts,

by your DNS server,

or by the domain line in /etc/resolv.conf

so as a workaround in .rhosts:

medusa billh
medusa.gabrobins billh
12.34.56.78 billh

This way, all the possible name resolution results will at least match one of the .rhosts entries.

Bill Hassell, sysadmin

David L Brewster · ‎08-30-2006

Hi Bill:

Thanks. This did work.
A good temporary fix until I find out why the hostname is resolving to this.
Thanks again!
Dave

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

remshd: Login incorrect

remshd: Login incorrect

Re: remshd: Login incorrect

Re: remshd: Login incorrect

Re: remshd: Login incorrect

Re: remshd: Login incorrect

Re: remshd: Login incorrect

Re: remshd: Login incorrect

Re: remshd: Login incorrect

Re: remshd: Login incorrect

Re: remshd: Login incorrect

Re: remshd: Login incorrect

Re: remshd: Login incorrect

Re: remshd: Login incorrect

Re: remshd: Login incorrect