The r-commands (rexec, remsh, rlgoin, rcp) are high risk commands because they do not ask for a password. To protect against external attacks as much as possible, the daemons running on the remote side will perform a validation of the incoming computer's IP address and hostname. So the password is requested whenever the remote computer cannot check the address.
Now how is this performed? Well, if you remove /etc/resolv.conf from the remote machine then the hosts file is all there is and it must contain both the IP and hostname of the incoming machine. And of course, the .rhosts file must also have the remote computer's name and/or the IP address.
DNS gets more complicated, mostly because DNS is often handled by Windows admins and fail to create reverse IP lookups and MX records. If DNS is used on the remote system, you must test the .rhosts file by using nslookup to lookup the IP address and also the hostname -- both queries must match.
And finally, .rhosts must always be 600 (-rw-------) permission. Never allow .rhosts files to be read by anyone except the owner. And /etc/hosts.equiv is quite dangerous as it defines a .rhosts file for every user on the system.
That said, if these systems are important, consider installing ssh from HP and shutting down all the r-services for security.
Bill Hassell, sysadmin
