HPE Community
Operating System - HP-UX
1832666 Members
3256 Online
110043 Solutions
New Discussion

wtmp getting full due to remshd every second

 
achyuth
Advisor

‎01-04-2008 10:19 PM

‎01-04-2008 10:19 PM

wtmp getting full due to remshd every second

hi,

we are facing a problem that wtmp file is getting full due to remshd to remote hosts every second
0 Kudos
Reply
5 REPLIES 5
VK2COT
Honored Contributor

‎01-05-2008 12:07 AM

‎01-05-2008 12:07 AM

Re: wtmp getting full due to remshd every second

Hello,

The remshd command is the server for the
rcp, rdist and remsh commands, rcmd() and the
rcmd_af() function in case of IPv6 systems.

You did not specify whihc HP-UX version you are running and if you use Trusted Systems
(TCB) for password database.

Firstly, you need to find out which program
(or maybe a Shell script) is trying to fork
out processes so often...

What are the errors in system logs?

For example, if you are facing the following
type of error:

rcmd: connect : : Connection refused.

This generic message could be due to a number
of reasons:

a) The entry for shell service is not present
in /etc/inetd.conf. This entry may have been
removed or commented out to prevent
non-secure access.

To start remshd from the inetd daemon in a
non-secure environment, the configuration
file /etc/inetd.conf must contain an entry
as follows:

shell stream tcp nowait root /usr/lbin/remshd remshd

In a secure environment, /etc/inetd.conf
must contain an entry:

kshell stream tcp nowait root /usr/lbin/remshd remshd -K

b) Login account is invalid (password
expired, for example). Or, remote
command cannot chdir() to home directory.

c) Maybe your programs want to use .rhosts
based authentication and the remote shell
daemon remshd (known as rshd on non-HP-UX
systems) uses an "-l" option to prevent
authentication based on the user's .rhosts
file unless the user is the super-user.

d) And so on.

Regards,

VK2COT
VK2COT - Dusan Baljevic
0 Kudos
Reply
VK2COT
Honored Contributor

‎01-05-2008 12:29 AM

‎01-05-2008 12:29 AM

Re: wtmp getting full due to remshd every second

Also, make sure your hostname resolution is operational (DNS, NIS, or whatever you use)...

VK2COT
VK2COT - Dusan Baljevic
0 Kudos
Reply
achyuth
Advisor

‎01-05-2008 09:35 AM

‎01-05-2008 09:35 AM

Re: wtmp getting full due to remshd every second

hi,
my hp ux version HP-UX B.11.11

the /etc/confile is
kshell stream tcp nowait root /usr/lbin/remshd remshd -K

there is no error mesg.for remshd

but we have a process that should remsh into remote servers.but that shouldn't happen too often.

thx in advance
0 Kudos
Reply
VK2COT
Honored Contributor

‎01-05-2008 01:43 PM

‎01-05-2008 01:43 PM

Re: wtmp getting full due to remshd every second

Hello,

If you are NOT using Kerberos or secure
environment, then a different entry must be
in /etc/inetd.conf:

shell stream tcp nowait root /usr/lbin/remshd remshd

In a secure environment, /etc/inetd.conf
must contain an entry:

kshell stream tcp nowait root /usr/lbin/remshd remshd -K

Are you sure you are using Kerberos?

Also, are the Unix accounts that use remote services OK?

Cheers,

VK2COT

VK2COT - Dusan Baljevic
0 Kudos
Reply
Kapil Jha
Honored Contributor

‎01-05-2008 02:07 PM

‎01-05-2008 02:07 PM

Re: wtmp getting full due to remshd every second

>>>we have a process that should remsh into remote servers.but that shouldn't happen too often

What is this process and what it is doing exactly........if you can trythe remsh command of process on your own.
For the time being if it is creatinfg problem out a cron tab entry to null this file.
#>wtmp
BR,
Kapil
I am in this small bowl, I wane see the real world......
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.