HPE Community
Operating System - HP-UX
1833582 Members
4729 Online
110061 Solutions
New Discussion

Rlogin with ServiceGuard

 
Gavin Palk
New Member

‎12-04-2006 11:06 PM

‎12-04-2006 11:06 PM

Rlogin with ServiceGuard

HI,

I am having some difficulties rlogin into packages on my service guard cluster. I have set up my .rhosts file with the package name and given access to root. I can rlogin into the nodes of the server without a problem. However when I try to rlogin to my package (mv36a) it prompts me for a password.
I have read that SG uses cmnodelist ahead of rhosts? If this is the case what needs to re added to this file. I also have kerberos auth running, but have stopped this as this was loaded as part of my HPUX build but I am not planning on using it. I have currently disabled it by running the command inetsvcs_sec disable on both nodes.

Any ideas why I can't rlogin into my packages? They are in both hosts tables as well, however I have no hosts.equiv file.

Any help would be great,

Many thanks

Gavin
0 Kudos
Reply
5 REPLIES 5
Steve Steel
Honored Contributor

‎12-05-2006 01:47 AM

‎12-05-2006 01:47 AM

Re: Rlogin with ServiceGuard

Hi


Try putting fully qualified names in your .hosts file.


steve steel
If you want truly to understand something, try to change it. (Kurt Lewin)
0 Kudos
Reply
Gavin Palk
New Member

‎12-05-2006 01:54 AM

‎12-05-2006 01:54 AM

Re: Rlogin with ServiceGuard

Would that mean I would have to put pkg_mv36a:0.0 or similar in the rhosts? The package has that as its full name, however when I ping the floating ip I only use mv36a etc. In the /etc/hosts table I have the ip followed by both names (mv36a and pkg_mv36a)

Gavin
0 Kudos
Reply
Coolmar
Esteemed Contributor

‎12-05-2006 01:56 AM

‎12-05-2006 01:56 AM

Re: Rlogin with ServiceGuard

No, he means your fully qualified domain name ie: server.microsoft.com - microsof.com is the fully qualified domain name (FQDN).

s.
0 Kudos
Reply
Geoff Wild
Honored Contributor

‎12-05-2006 02:20 AM

‎12-05-2006 02:20 AM

Re: Rlogin with ServiceGuard

You need to use the FQDN of the floating ip bound to your packages in /etc/hosts

Rgds...Geoff
Proverbs 3:5,6 Trust in the Lord with all your heart and lean not on your own understanding; in all your ways acknowledge him, and he will make all your paths straight.
0 Kudos
Reply
Bob_Vance
Esteemed Contributor

‎12-06-2006 03:11 AM

‎12-06-2006 03:11 AM

Re: Rlogin with ServiceGuard

The critical thing is that 'rlogind' does a reverse lookup of the 'rlogin' connecting IP.

In the .rhosts file of the **target user on the target remote host**:

... The hostname field must match the result of the above reverse lookup.

... The username field must match the **requesting user of the *connecting* machine**.


So, e.g., if your are connecting from 1.2.3.4 to the remote host, **on the remote host**, do a:

nslookup 1.2.3.4 # (or dig -x 1.2.3.4)
... Name: pine3.tst.com

the result (in this example, "pine3.tst.com") is the name to put into .rhosts **on the remote host**. Depending on how the /etc/nsswitch.conf and /etc/hosts files are set up, you may get a FQDN or a simple hostname. If you get a simple name, do a nslookup on that to get the FQDN:

nslookup 1.2.3.5
... Name: pine6
nslookup 1.2.3.5
... Name: pine6.tst.com


bv
"The lyf so short, the craft so long to lerne." - Chaucer
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.