RHEL4 - rsh: permission denied

Rick Stevens rstevens at vitalstream.com
Wed May 3 21:08:34 UTC 2006


On Wed, 2006-05-03 at 15:36 -0400, Thomas Walter wrote:
> I'm trying to get rsh set between two machines (local is Solaris 9, 
> remote is RHEL4). I've done it before (I 
> have a "cookbook") but I'm missing something. Please help. I'm aware of 
> the security issues involved using "r" commands.
> 
> What I've done on remote machine:
> - in .rhosts I put FQ machine name and user name.

That's in the common user's home directory, right?  E.g.
"~fred/.rhosts" assuming the common user is "fred".

> - added "+ FQ machine name user" in /etc/hosts.equiv

That's "+ other-machine-name username", right?

> - in /etc/xinetd.d/rsh and rexec changed to "disable = no"
> - added rsh to /etc/securetty
> - restarted xinetd
> - no error messages in/etc/log/messages when restarting xinetd.

Uh, when you say "restarted xinetd", did you "service xinetd restart"
or simply pass it a SIGHUP?  I don't always trust "service xinetd
restart".  I'd prefer "service xinetd stop;service xinetd start".  I
know it's pedantic, but I've seen xinetd hang using the restart option.

> What I've done on local machine:
> - added remote FQ machine name and same user name to .rhosts

Again, in the common user's .rhosts file, right?
> 
> On local machine the command "rsh machinename w" results in "permission 
> denied"
> 
> On remote machine command "rsh localhost w" results in "permission denied.

Did you check /var/log/messages or /var/log/secure on the remote system
to see what errors were spit out?

----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer     rstevens at vitalstream.com -
- VitalStream, Inc.                       http://www.vitalstream.com -
-                                                                    -
-    "Hello. My PID is Inigo Montoya.  You `kill -9'-ed my parent    -
-                     process.  Prepare to vi."                      -
----------------------------------------------------------------------




More information about the Redhat-install-list mailing list