rsh issue (access denied)...

bruce bedouglas at earthlink.net
Wed Jun 25 12:03:57 UTC 2008


hi guys!!

once again, gotta say thanks to the group on the list/net! the rsh issue was/is solved. it appears that the access denied issue was due to the user's "home" directory, not being owned by the "user" which led to some internal permission issues on the rsh server box:

do when i did a "rsh -l test foo 'ls'",
this would attempt to login as the user "test" on the "foo" server, and to do an "ls" of the home dir for "test" user on the "foo" server. in this instance, the permissions issue caused an access denied. correcting the owner/group for the "/home/test" solved the issue. there was no need to make any changes, and in fact, no need to have any local ".rhosts" file...

a little tricky issue.. but hopefully, this might help someone in the future in trying to diagnose their issues..

thanks again!!



-----Original Message-----
From: fedora-list-bounces at redhat.com
[mailto:fedora-list-bounces at redhat.com]On Behalf Of Alexander Apprich
Sent: Tuesday, June 24, 2008 11:03 PM
To: For users of Fedora
Subject: Re: rsh issue (access denied)...


I discovered differences between you /etc/pam.d/rsh|rlogin
could you backup your files and replace them with the following
lines?

apprich at elmstreet pam.d $ cat rsh
#%PAM-1.0
# For root login to succeed here with pam_securetty, "rsh" must be
# listed in /etc/securetty.
auth       required     pam_nologin.so
auth       required     pam_securetty.so
auth       required     pam_env.so
auth       required     pam_rhosts_auth.so
account    include      system-auth
session    optional     pam_keyinit.so    force revoke
session    include      system-auth



apprich at elmstreet pam.d $ cat rlogin
#%PAM-1.0
# For root login to succeed here with pam_securetty, "rlogin" must be
# listed in /etc/securetty.
auth       required     pam_nologin.so
auth       required     pam_securetty.so
auth       required     pam_env.so
auth       sufficient   pam_rhosts_auth.so
auth       include      system-auth
account    include      system-auth
password   include      system-auth
session    optional     pam_keyinit.so    force revoke
session    include      system-auth


I'm wondering why this is different on your system, as rah
worked like out-of-the-box here by just enabling rsh/rlogin
in /etc/xinetd.d and restarting xinetd

Alex
-- 
Vorstand/Board of Management:
Dr. Bernd Finkbeiner, Dr. Florian Geyer,
Dr. Roland Niemeier, Dr. Arno Steitz, Dr. Ingrid Zech
Vorsitzender des Aufsichtsrats/
Chairman of the Supervisory Board:
Prof. Dr. Hanns Ruder
Sitz/Registered Office: Tuebingen
Registergericht/Registration Court: Stuttgart
Registernummer/Commercial Register No.: HRB 382196 


-- 
fedora-list mailing list
fedora-list at redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list





More information about the fedora-list mailing list