- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - Linux
- >
- Re: remsh and rtelnet
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-03-2003 07:50 AM
09-03-2003 07:50 AM
Hope I can get some clear answers.
Regards
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-03-2003 08:31 AM
09-03-2003 08:31 AM
SolutionYou just didn't click them at install. You can put the cd back in and browsw through it. Telnet will be under telnet server.
Or you can go get the current rpm's from red hat's web site. http://www.redhat.com
Download them.
rpm -i
You might need to configure xinetd.conf to enable the services, the install might not do that.
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-03-2003 08:54 AM
09-03-2003 08:54 AM
			
				
					
						
							Re: remsh and rtelnet
						
					
					
				
			
		
	
			
	
	
	
	
	
You may wish to read the following, from redhat, an advise on those services :
http://www.europe.redhat.com/documentation/rhl8.0/rhl-rg-en-8.0/s1-ssh-requiring.php3
hope this helps.
J
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-03-2003 09:32 AM
09-03-2003 09:32 AM
			
				
					
						
							Re: remsh and rtelnet
						
					
					
				
			
		
	
			
	
	
	
	
	
rsh peanuts -l al cat /devannex/sam ">>" /tmp/sam
peanuts is my remote machine which is a HP-UX 10.20. al is a user. I expected this to write the contents of file 'sam' to location /tmp. It is hanging there. Is it a permissions problem? Or what else? I have permissions for everybody to access /devannex.
Am I missing something?
Thanks in advance
Sam
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-03-2003 10:30 AM
09-03-2003 10:30 AM
			
				
					
						
							Re: remsh and rtelnet
						
					
					
				
			
		
	
			
	
	
	
	
	
rsh -l al peanuts "cat /devannex/sam" >> /tmp/sam
This would write the contents of the file located on "peanuts" to your local machines /tmp/sam file
I hope that helps,
Dave
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-03-2003 10:39 AM
09-03-2003 10:39 AM
			
				
					
						
							Re: remsh and rtelnet
						
					
					
				
			
		
	
			
	
	
	
	
	
Almost the same command as I gave last time but substitute ssh for rsh:
ssh al@peanuts "cat /devannex/sam" >> /tmp/sam
This is ask for a password for the al user on the HP-UX machine ( or from NIS or whatever you use ) and then the contents of the sam on the HP box is dumped to a file on your local machine in /tmp called sam.
I hope that helps,
Dave
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-04-2003 07:59 AM
09-04-2003 07:59 AM
			
				
					
						
							Re: remsh and rtelnet
						
					
					
				
			
		
	
			
	
	
	
	
	
I don't need any security since I am doing it with in my trusted small network. To set up ssh, I guess I have to set all security correctly.( I tried ssh also, but came with permission refused. If I try is there a simple way of bypassing the security restricions?).
Can some body tell me why it is hanging and won't create any files with that command?
rsh -l al peanuts "cat /devannex/sample1" >> /tmp/sam.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-04-2003 09:09 AM
09-04-2003 09:09 AM
			
				
					
						
							Re: remsh and rtelnet
						
					
					
				
			
		
	
			
	
	
	
	
	
First you have to reduce the restrictions of PAM, in debian this means you have to edit the /etc/pam.d/rsh /etc/pam.d/rlogin and change the this line:
auth required pam_rhosts_auth.so
To:
auth sufficient pam_rhosts_auth.so
This will tell pam that if the machine passes the rhosts check, ie. is in /etc/hosts.equiv or there is a .rhosts in the home dir of the specified user then all of the other pam modules are ignored. This is a big hole so make sure this is not attached to any other networks or accessible by arbitrary people. This hole allows this to happen:
rsh -l root machine
with no password
Now that pam has been crippled you need to add the hosts to the file /etc/hosts.equiv. This is the system wide rhosts file, any entry in this file that does not have a - infront of its name can rsh to this machine as any user without providing a password so be very careful what you put in here. The man page would lead you to believe that every entry needs a preceeding + infront of its name. It has been my experience that you only need the name of the machine ( as long as the name is resolvable ). Here is my /etc/hosts.equiv
#cat /etc/hosts.equiv
obiwan
yoda
han
chewie
turlet
#
I needed to add a /root/.rhosts on my systems, I can't remember why, but the contents of the .rhosts is simply the name of the master server in the little farm on a single line, like this:
#cat /root/.rhosts
obiwan
#
After all of these settings have been changed I rebooted the machines and the settings took effect after the reboot. The reboot was necessary simply to changed the kernels on the machines, but I do recall that the pam changes only took effect after the reboot so you may have to restart pam/networking on the machine if you do not want to have to reboot the boxes.
Oh and you may have to modify the securetty file so that the root user can login over rsh/rlogin you may have settings set that anything other than the console or vt is not happening.
I hope that helps,
Dave
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-04-2003 11:47 AM
09-04-2003 11:47 AM
			
				
					
						
							Re: remsh and rtelnet
						
					
					
				
			
		
	
			
	
	
	
	
	
Thanks. I did all of what you said. I tried between two linux machines before I try between a linux and HP. With the rsh I get the error:
krb_sendauth failed: you have no tickets cached. It seems something more is holding me. I am able to do a 'rsh -l root barny' where barny is my other machine. It comes to the # prompt. But I cannot execute an ls or a cat command using rsh. Any idea where I am going wrong?
Thanks for the help
Regards
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-04-2003 01:21 PM
09-04-2003 01:21 PM
			
				
					
						
							Re: remsh and rtelnet
						
					
					
				
			
		
	
			
	
	
	
	
	
The first error sounds like a kerberos problem. I haven't spent much time hacking around with kerberos so I won't be much help there, although I did check out the man page and it says you can give a -k switch to turn off kerberos, so give that a whirl. Maybe someone with more experience with kb wants jump in here?
Well what we know is that rsh in some form works with no password as long as you don't run a command, right?
That tells me that rlogin works but rsh doesn't, so check the pam conf stuff for rsh.
I hope that helps,
Dave
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-04-2003 01:22 PM
09-04-2003 01:22 PM
			
				
					
						
							Re: remsh and rtelnet
						
					
					
				
			
		
	
			
	
	
	
	
	
The first error sounds like a kerberos problem. I haven't spent much time hacking around with kerberos so I won't be much help there, although I did check out the man page and it says you can give a -k switch to turn off kerberos, so give that a whirl. Maybe someone with more experience with kb wants jump in here?
Well what we know is rsh in some form works with no password as long as you don't run a command, right?
That tells me that rlogin works but rsh doesn't, so check the pam conf stuff for rsh.
I hope that helps,
Dave
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-05-2003 03:06 AM
09-05-2003 03:06 AM
			
				
					
						
							Re: remsh and rtelnet
						
					
					
				
			
		
	
			
	
	
	
	
	
in the pam.d is there a way of telling that there is no restrictions 'not required' instead of sufficient, so as to by pass all the security totally. kerbaros seems to be the issue that I have to get over with, I guess.
Dave thanks for your help. If any of the other experts can show me a light, I would appreciate.
Regards
sam
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-05-2003 06:43 AM
09-05-2003 06:43 AM
			
				
					
						
							Re: remsh and rtelnet
						
					
					
				
			
		
	
			
	
	
	
	
	
-K The -K option turns off all Kerberos authentication.
Try that it should work.
As for turning off all restrictions if you get around the kerberos the sufficient line will do it:
sufficient means if this is satisfied then ignore the rest of the pam restrictions. I am pretty sure that list for a service is run through from the top of the list to the bottom so make sure that the :
auth sufficient pam_rhosts_auth.so
is at the top.
I think if you use the -K we can start troubleshooting the pam portion of your problem.
I hope that helps,
Dave
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-08-2003 12:16 PM
09-08-2003 12:16 PM
			
				
					
						
							Re: remsh and rtelnet
						
					
					
				
			
		
	
			
	
	
	
	
	
There is no -K option first of all under ksh. It is only -k and it is for realm. I am using red Hat 8.0. I think if I can handle the kerberos hurdle I will be ok. Please let me know if you have any other suggestion. I need to solve this immediately.
Thanks and regards
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-09-2003 10:51 AM
09-09-2003 10:51 AM
			
				
					
						
							Re: remsh and rtelnet
						
					
					
				
			
		
	
			
	
	
	
	
	
#ssh leroy -l al "cat /home/al/list1" >> /tmp/sam1
ssh: connect to host leroy port 22: Connection refused
How can I resolve this connection refused issue? I have .rhosts under / for leroy and this contains entry including barny (which is the linux computer) From where I am giving this command.
Is there anything else to be done on HP side?
Thanks and regards
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-11-2003 05:46 AM
09-11-2003 05:46 AM
			
				
					
						
							Re: remsh and rtelnet
						
					
					
				
			
		
	
			
	
	
	
	
	
ssh will not heed the .rhosts or hosts.equiv that is specifically for the older depricated r tools.
Does this remote command happen in a batch or cron script or is there user intervention when the command happens? Are you at the terminal?
if so then ssh with a password will work.
The error you had with ssh most often happens because the ssh server is not running on the host you are connecting to. Check to make sure that sshd is functioning and listening on the proper port:
netstat -ap |grep 22
should tell you whats listening on port 22. If nothing is listening then you can't connect.
Have you checked the rsh man page for any useful switches? As I had previously said the rsh man page on my machine debian ~3.0 says that the -K switch will turn off all of the kerberos auth.
I hope that helps,
Dave
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-13-2003 08:57 PM
09-13-2003 08:57 PM
			
				
					
						
							Re: remsh and rtelnet
						
					
					
				
			
		
	
			
	
	
	
	
	
ssh al@leroy "cat /devannex/sam" >> /tmp/sam
That is: ssh
