Solved

rcp permission

Posted on 2000-04-13
7
2,620 Views
Last Modified: 2013-12-27

I have two solaris machines A, and, B, both have the account "accnt" established.

The .rhosts at A:~accnt has the following line:

    B.powertv.com  accnt

The .rhosts at B:~accnt has the following line:

    B.powertv.com accnt

I am able to do the following on A

     rcp test.txt B:~accnt

But if I try the corresponding one on B

     rcp test.txt A:~accnt

I got "permission denied"

Any idea where to look for the configuration problem ?

Thanks !!

Vincent

0
Comment
Question by:vincentlue
7 Comments
 
LVL 20

Expert Comment

by:tfewster
ID: 2713578
> The .rhosts at A:~accnt has the >following line:  B.powertv.com  accnt
- So A trusts rcp/rlogin from B

> The .rhosts at B:~accnt has the >following line: B.powertv.com accnt
- So B trusts B (Why?)

>I am able to do the following on A
>rcp test.txt B:~accnt
- As B hasn't been setup to trust A by .rhosts, it must have been set up in B's /etc/hosts.equiv

>But if I try the corresponding one on >B: rcp test.txt A:~accnt
>I got "permission denied"
- If just the .rhosts is set, this should work. However, if B has been specified as UNtrusted in A's /etc/hosts.equiv with -B, the .rhosts file won't override it.

Further, rcp/rlogin to A may have been disabled in /etc/inetd.conf

Another possibility is if the hostnames of the machines are just A & B instead of ?.powertv.com - I can't remember if rcp authentication goes on the hostname or the IP address



0
 

Expert Comment

by:encilar
ID: 2714403
tfewster is right !!! For simplicity, just do this entry for both .rhosts of both machines...

The .rhosts at A:~accnt should have the following line:
B.powertv.com  accnt

The .rhosts at B:~accnt should have the following line:
A.powertv.com accnt

I'm pretty sure this would work for rcp, rsh, rlogin, etc.
0
 
LVL 1

Accepted Solution

by:
jacquesc030600 earned 50 total points
ID: 2718990
Hi,

you should edit two files in each system

On system A

nodename of machine A and B

vi /etc/hosts



exemple

ComputerA   192.9.200.1
ComputerB   192.9.200.2

And in the file /.rhosts on each one the nodename of the other computer

On the computer A

vi /.rhosts

computerB

On the computer B

vi /.rhosts

computerA

It should work


0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 20

Expert Comment

by:tfewster
ID: 2719079
jaquesc, /.rhosts is the file to allow rlogin by root (which is NOT usually a good idea). Please convert your answer to a comment.

vincentlue, one additional test is to try rlogin from B to A; If you are prompted for your password, but then allowed in, this would confirm that there are no other networking/security issues, e.g. if the hosts are on opposite sides of a firewall. Also, double check .rhosts is owned by user accnt.

BTW, I may have been wrong about .rhosts not over-riding /etc/hosts.equiv - It does under HP-UX!
0
 

Author Comment

by:vincentlue
ID: 2756915

Sorry to take that long to respond to
your help.

There is a typo my original question.
It should read as:

The .rhosts at B:~accnt has the following line:

    A.powertv.com accnt

As many of you have figure out.

I checked inetd.conf and hosts, both machines are pretty much the same. There is no host.equiv setting.

I try "rlogin", yes, one goes through
without asking password and the other
does ask password and allowed in afterwards.
0
 
LVL 20

Expert Comment

by:tfewster
ID: 2760657
Hi Vincent - that SHOULD work! Just to restate & summarise the other tests:

(A trusts B - but B$ rcp test.txt A:~accnt fails)

Check ~accnt/.rhosts on A is owned by user accnt.

Are there any "-" entries in /etc/hosts.equiv on A? (Even so, the Solaris
7 man page for hosts.equiv says .rhosts should override this)

As a temporary test, edit /etc/hosts.equiv on A to put B.powertv.com as
the first line in there.

(Forget what I said about inetd.conf, if rsh and rlogin were commented out
you'd get a "Connection refused" error instead - Sorry!)

Try "pulling" the file, instead of "pushing" it by doing:
B$ rcp A:~accnt/test.txt .
to make sure it's not a write permission problem.
0
 
LVL 5

Expert Comment

by:ianB
ID: 2855610
We have opened up a new Solaris Topic Area.  

To increase the visibility of questions, we moved questions we felt
appropriate to the new Solaris Topic Area where they will be easier for
Solaris experts to find and answer. You may view your question at
http://www.experts-exchange.com/Computers/Operating_Systems/Solaris/ 

If you have any questions about the new topic area you can contact
Community Support by posting a comment at the following URL or by
emailing us at cs@experts-exchange.com.
http://www.experts-exchange.com/Customer_Service/Experts_Exchange/ 

Ian
Community Support @ Experts Exchange

0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
g++ pthread_init failure on AIX 10 71
AIX 5.x set up arrow to recall 11 46
Solaris 10.  Nmap installation fails 2 49
unix example issues 18 75
Attention: This article will no longer be maintained. If you have any questions, please feel free to mail me. jgh@FreeBSD.org Please see http://www.freebsd.org/doc/en_US.ISO8859-1/articles/freebsd-update-server/ for the updated article. It is avail…
Using libpcap/Jpcap to capture and send packets on Solaris version (10/11) Library used: 1.      Libpcap (http://www.tcpdump.org) Version 1.2 2.      Jpcap(http://netresearch.ics.uci.edu/kfujii/Jpcap/doc/index.html) Version 0.6 Prerequisite: 1.      GCC …
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:

896 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now