HPE Community
Operating System - Linux
1829764 Members
13188 Online
109992 Solutions
New Discussion

Re: help rcp problem..

 
SOLVED
Go to solution
jackfiled
Advisor

‎10-23-2003 12:18 PM

‎10-23-2003 12:18 PM

help rcp problem..

Hi all
how to setup rcp


[root@ecfarm4 /root]# rcp a 211.230.50.34:/
Permission denied.

what's the problem..?
any tips would be helpful
0 Kudos
Reply
8 REPLIES 8
Stuart Browne
Honored Contributor

‎10-23-2003 12:42 PM

‎10-23-2003 12:42 PM

Re: help rcp problem..

3 possible problems come to mind:

1) The 'rsh' service isn't enabled on the remote machine.
2) The 'root' user isn't permitted to use the r* services.
3) The .rhosts (host equivlancey) is not configured correctly.

Depending on what OS is on the server box (211.230.50.34) depends on the steps that you are now requried to take.

On a side note, is there any particular reason you are using plain-unsecure rcp instead of the OpenSSH equivlant (scp) ? It would be preferable that you set up SSH to send the data in an encrypted, and secure way, especially as it appears to be over a public network link.
One long-haired git at your service...
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎10-23-2003 03:22 PM

‎10-23-2003 03:22 PM

Re: help rcp problem..

Configuration files to check:

/etc/hosts.equiv it can block r-protocols.

You need a .rhosts file in the home directory of the user.

Check /etc/inetd.conf and or xinetd.conf for the r-protcols being run.

Check the disable flags in /etc/xinetd.d/ for rexec and rlogin.

You might want to restart inetd or the whole box if you make major changes.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
jackfiled
Advisor

‎10-23-2003 04:13 PM

‎10-23-2003 04:13 PM

Re: help rcp problem..

Oct 24 12:14:21 211.230.50.37/211.230.50.37 xinetd[22990]: START: ftp pid=25028 from=210.99.142.1
Oct 24 12:14:26 211.230.50.37/211.230.50.37 last message repeated 12 times
Oct 24 12:14:26 211.230.50.37/211.230.50.37 ftpd[25028]: FTP session closed
Oct 24 12:14:26 211.230.50.37/211.230.50.37 xinetd[22990]: EXIT: ftp pid=25028 duration=5(sec)
Oct 24 12:14:27 211.230.50.37/211.230.50.37 kernel: Non Fatal error on ida/c0d0

syslog is logging as above..
.rhosts /etc/hosts.equiv /etc/xinetd.d/rsh enabled..
what's the problem?
who help me?
0 Kudos
Reply
Stuart Browne
Honored Contributor

‎10-23-2003 04:23 PM

‎10-23-2003 04:23 PM

Solution

Re: help rcp problem..

Given that none of those messages talk about rcp, but about ftp..

If it is as you say, and /etc/securetty has 'rsh' in it (or the pam.d entry for rsh is not rejecting root on pseudo-tty's), then I'd say firewall.
One long-haired git at your service...
Reply
jackfiled
Advisor

‎10-23-2003 05:19 PM

‎10-23-2003 05:19 PM

Re: help rcp problem..

/etc/pam.d/rsh
/etc/pam.d/rlogin
/etc/pam.d/rexec

after insert '#' pam_rhosts_auth each of them
it works fine ^^^^^^^^^^^^^^
thanks all

0 Kudos
Reply
Stuart Browne
Honored Contributor

‎10-23-2003 06:35 PM

‎10-23-2003 06:35 PM

Re: help rcp problem..

That would mean that anybody (firewall permitting) will be able to use rsh/rlogin/rexec on your machine.

That is a VERY BAD thing.

If commenting out that line fixed it, it would mean that the '~/.rhosts' file on the server either did not have the correct permissions (600), or was not populated correctly (did you have a name, when it doesn't resolve?).
One long-haired git at your service...
0 Kudos
Reply
Huc_1
Honored Contributor

‎10-23-2003 08:49 PM

‎10-23-2003 08:49 PM

Re: help rcp problem..


Yes, this is not such a good idea, I would at least use safer tool, I mean shh, sftp, scp because they are most probably already there on the system, so much safer (no clear password, strong encryptation, etc), same fuctionality.

Present setup to debbug, but when problem solved rectifie setup (make safe again), start using ssh tools.

I usualy disable all the "r" command (rsh,rhost) and ftp only use sft and ssh

Just my 0.02 Euro/cent

J-P
Smile I will feel the difference
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎10-23-2003 11:43 PM

‎10-23-2003 11:43 PM

Re: help rcp problem..

rcp functionality can be replaced safely without the risks that Stuart refers to as follows:

openssh

http://openssh.org

or get it from red hat with http://www.redhat.com as rpm files.

Password free access can be set up by exchanging public keys.

See attachement.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.