Solved

rsh -Connection refused

Posted on 2003-11-10
10
17,029 Views
Last Modified: 2007-11-27
Our RedHat 7.2 box will not accept a rsh connection. I can rsh out of it. We need a unix box to rsh in and run a script for faxing. When issuing the command: rsh machine_name it comes back Conection refused. I also have a test Mandrake box that behaves the same way. Any ideas how to trouble-shoot this?

Thanks
0
Comment
Question by:timothyking
  • 5
  • 4
10 Comments
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 9717769
Did you try SSH? Perhaps the sysadmin turned off rsh for security reasons.
0
 

Author Comment

by:timothyking
ID: 9717804
Unfortunatley the unix box does not have ssh installed.
0
 
LVL 40

Expert Comment

by:jlevie
ID: 9718112
Is the rsh-server package installed and enabled on your 7.2 system?

Have you allowed access to the rsh server via .rhosts and/or hosts.equiv?

Is there a firewall on the 7.2 system that would bolck access to rsh?
0
 

Author Comment

by:timothyking
ID: 9718165
I'm sure rsh is installed - not sure how to tell if it is enabled

Which .rhosts file allows access? root?

On the private side of our lan there are no firewall rules that would block access to rsh.

Thanks
0
 
LVL 40

Expert Comment

by:jlevie
ID: 9718863
You might have the rsh package installed (client side utilities like rsh) but not have the rsh-server package. You can execute 'rpm -q rsh-server' to see if it is installed. I don't remember for sure on 7.2, but I believe the defaul install of rsh-server leaves it disabled. It is necessary to edit /etc/xinet.d/rsh and enable the service or execute 'chkconfig rsh on'.

How to allow access to the rsh server depends in part on how you intend to use it. If only one user account will initiate all rsh sessions it may suffice to create a .rhosts file in that user's home dir. Otherwise you may wish to list the systems that will initiate rsh sessions in /etc/hosts.equiv. The man page for hosts.equiv, rhosts, rshd and rlogin will provide more information.
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 

Author Comment

by:timothyking
ID: 9731181
Executing: 'rpm -q rsh-server' returns - rsh-server-0.17-5
In the rsh file it says: disabled - no
.rhosts file exist in all users home directories
Still getting the 'Connection refused'

thanks
0
 
LVL 40

Accepted Solution

by:
jlevie earned 55 total points
ID: 9731328
Is there a firewall running on the 7.2 system and if so does it allow inbound connections on 514/TCP?

You may also need to add the IP's or hostnames on the systems that will initiate rsh sessions to hosts.equiv on you r 7.2 system.
0
 

Author Comment

by:timothyking
ID: 9731522
Port 514 is open  - and I added the source machine's host and IP to the hosts.equiv file -  still no luck

thanks
0
 

Author Comment

by:timothyking
ID: 9732469
Looks like we got it working!
When trying to connect, I was not specifying a command to run. I was just typing:
rsh ipaddress
instead of
rsh ipaddress path_to_command

also the "allowed hosts" must be in the .rhosts file

thanks
0
 
LVL 40

Expert Comment

by:jlevie
ID: 9732866
If you are getting "Connection refused" it sounds like there's a firewall in the way. On both the client and the server  ports 512-1023 must be open for inbound connections the way I read the man page for rshd. I'd suggest that for inital tests you disable any firewall on the server and client. Once you have rsh working you can re-enable the firewall with that port range open. If when you re-enable the firewall rsh stops working a sniffer trace should tell you what the problem is.

FYI: For ordinary users it suffices to have a .rhosts file in the user's home dir owned by the user as set to mode 0600 (-rw---------). For the root user you must include rsh as an "allowed terminal" in /etc/securettys and have a valid /root/.rhosts.
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now