HPE Community
Operating System - Linux
1829103 Members
2208 Online
109986 Solutions
New Discussion

rlogin

 
SOLVED
Go to solution
Fadia Almarei
Super Advisor

‎04-18-2004 07:03 PM

‎04-18-2004 07:03 PM

rlogin

how to configure my linux 9 server be rlogin from another server without puting password ,(is there is .rhosts file for the system) and how can i telnet in to my system with the password of the root
fadia.marei
0 Kudos
Reply
7 REPLIES 7
Stuart Browne
Honored Contributor

‎04-18-2004 07:09 PM

‎04-18-2004 07:09 PM

Re: rlogin

Telnet to the server (especially for root) is such a bad idea.

Yes, '.rhosts' exists, and work int he same manner as most other Unix varients (in user home-directory, 600 permissions).

To 'rlogin' as root however, you will have to bypass some of the default security however.

The eastiest way is to modify '/etc/securetty', and put the keyword 'rsh' on a line by it's self.

This should allow root rlogin's. You'll also need to enable the 'rlogin' and 'rsh' services (chkconfig rlogin on; chkconfig rsh on).

Personally, I'd start by looking into using 'ssh' instead. It's far more secure for these sorts of things.
One long-haired git at your service...
0 Kudos
Reply
Fadia Almarei
Super Advisor

‎04-18-2004 07:25 PM

‎04-18-2004 07:25 PM

Re: rlogin

but i did not found the file i creat one put also the rlogin does not work without password
fadia.marei
0 Kudos
Reply
Stuart Browne
Honored Contributor

‎04-18-2004 07:31 PM

‎04-18-2004 07:31 PM

Re: rlogin

Correct, the file won't exist by default.

So you create it in '~user/.rhosts', make sure it has only user-RW permissions (chmod 600 ~user/.rhosts). Within the '.rhosts' file you have the machine name, or IP addres, of the machine you are coming from. This name has to be the same as what your machine resolves it as! Watching the errors in your log files help.

If it's the 'root' user you are trying to 'rlogin' with, then you need to add 'rsh' to '/etc/securetty'. If it's any other user, then it doesn't matter.
One long-haired git at your service...
0 Kudos
Reply
Fadia Almarei
Super Advisor

‎04-18-2004 07:35 PM

‎04-18-2004 07:35 PM

Re: rlogin

what should i add to the /etc/securetty file, please but for me the steps
fadia.marei
0 Kudos
Reply
Fadia Almarei
Super Advisor

‎04-18-2004 08:56 PM

‎04-18-2004 08:56 PM

Re: rlogin

thanks for help , i do all things , i add the server in the /root/.rhosts file and the server to the /etc/hosts , but when i do rlogin or rsh they need from me to put a password, and even when i do remote backup it will give me that permission denied that it can notlogin as root
fadia.marei
0 Kudos
Reply
Roberto Polli
Trusted Contributor

‎04-18-2004 08:59 PM

‎04-18-2004 08:59 PM

Solution

Re: rlogin

Hi fadia,
rh8 uses pam for authenticatin users, so all you need is to check the /etc/pam.d/rlogin file ; it specifies all the steps linux do after granting you access.

An rlogin file working with .rhosts is the following:
#%PAM-1.0
# For root login to succeed here with pam_securetty, "rlogin" must be
# listed in /etc/securetty.
auth required /lib/security/pam_nologin.so
auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_env.so
auth sufficient /lib/security/pam_rhosts_auth.so
auth required /lib/security/pam_stack.so service=system-auth
account required /lib/security/pam_stack.so service=system-auth
password required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_stack.so service=system-auth

First of all, add rlogin in /etc/securetty with
#echo rlogin >> /etc/securetty;
(recommend the double '>>' )
then change your /etc/pam.d/rlogin file like the one above.

Then it should work.

To keep your box safe i strongly recommend to you to read carefully the PAM documentation. It's essential for managing your machine.

Any comments about the rlogin file are welcome!

Peace, Rob
Reply
Fadia Almarei
Super Advisor

‎04-18-2004 10:28 PM

‎04-18-2004 10:28 PM

Re: rlogin

thanks alot for all , it was really big problem for me
fadia.marei
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.