Solved

Using rsh in linux

Posted on 2004-08-17
12
278 Views
Last Modified: 2010-03-18
Hi all,

I am trying to use rsh and login from one computer on to the other. I have modified the following files /etc/hosts, /etc/hosts.equiv , /etc/securetty , /etc/pam.d , /etc/fstab.

After which i am able to log on to the remote host using rsh. But if I try to log on from other computer than it shows error as "connection refused" or "connection timedout" or "No route to change". I am able to ping the computer as well...but rsh doesnt work

please give suggestions.

Prerak
0
Comment
Question by:ParikhPrerak
  • 7
  • 5
12 Comments
 
LVL 40

Expert Comment

by:jlevie
ID: 11823844
Is the "other computer" listed in hosts.equiv on the rsh server? Are there any firewalls between the rsh server and the "other computer"
0
 

Author Comment

by:ParikhPrerak
ID: 11826119
ya the other computer is listed in the following format : ip-address hostaname
0
 

Author Comment

by:ParikhPrerak
ID: 11826123
there are no firewalls, i just have a router between them

0
 

Author Comment

by:ParikhPrerak
ID: 11826126
also, "rsh localhost" works on both the computers
0
 
LVL 40

Expert Comment

by:jlevie
ID: 11826433
Are there an firewalls on the computers? 'iptables -L' should show ACCEPT for everything if there aren't.

The format for hosts.equiv is [+|-] [hostname|IP] [username], so you could have:

hostname
IP
+ hostname
+ IP
hostname username
IP username
+ hostname username
+ IP username

but not:

IP hostname
0
 

Author Comment

by:ParikhPrerak
ID: 11827353
Hi,

The output of  "iptables -L" is as follows :

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
RH-Lokkit-0-50-INPUT  all  --  anywhere             anywhere
 
Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
RH-Lokkit-0-50-INPUT  all  --  anywhere             anywhere
 
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
 
Chain RH-Lokkit-0-50-INPUT (2 references)
target     prot opt source               destination
ACCEPT     udp  --  192.168.0.1          anywhere           udp spt:domain dpts:1025:65535
ACCEPT     udp  --  anywhere             anywhere           udp spts:bootps:bootpc dpts:bootps:bootpc
ACCEPT     udp  --  anywhere             anywhere           udp spts:bootps:bootpc dpts:bootps:bootpc
ACCEPT     all  --  anywhere             anywhere
REJECT     tcp  --  anywhere             anywhere           tcp dpts:0:1023 flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable
REJECT     tcp  --  anywhere             anywhere           tcp dpt:nfs flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable
REJECT     udp  --  anywhere             anywhere           udp dpts:0:1023 reject-with icmp-port-unreachable
REJECT     udp  --  anywhere             anywhere           udp dpt:nfs reject-with icmp-port-unreachable
REJECT     tcp  --  anywhere             anywhere           tcp dpts:x11:6009 flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable
REJECT     tcp  --  anywhere             anywhere           tcp dpt:xfs flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable

I think this means that there is a firewall because there are lot of REJECT. I am not sure how do I disable them. I'd appreciate if you could suggest me the changes.

Regards,
Preark
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 

Author Comment

by:ParikhPrerak
ID: 11827412
Sorry for asking you so many questions, but I didn't totally understand the changes you suggested for hosts.equiv
 
Let me tell you some of the specifics and maybe you could tell us how to use them.

My computer: Hostname = prerak
                           Username = prerak
                           IP address = 192.168.0.105

My friends computer: Hostname = sapan
                                         Username = sapan
                                         IP address = 192.168.0.102
 
Since the hostname and the username are the same, is it possible that it might work if we changed the hostname ?

Also, it would be great if you could tell me the format to be used for the .rhosts file and any other changes you feel are necessary for getting the cluster up and running.

Regards,
Prerak
0
 
LVL 40

Accepted Solution

by:
jlevie earned 125 total points
ID: 11827532
> I think this means that there is a firewall because there are lot of REJECT

Yep there's a firewall running it it is blocking rsh. You can disable the firewall completely with 'service iptables dtop' followed by 'chkconfig iptables off'. That's probably okay since the use of RFC1918 IP addresses would suggest that these machines are behind a NATing router that presumably includes a firewall.

For those two machines you'd use hosts.equiv like:

-- On prerak

192.168.0.102

-- And on sapan

192.168.0.105

You could use host names  on each (rather than IP's) if you add the IP/hostname of the other computer to /etc/hosts.
0
 

Author Comment

by:ParikhPrerak
ID: 11831698
Hi,

Thank you very much. I got rsh running. But the only problem is that it's wiht a password. How do I configure it to be without a password.

Prerak
0
 
LVL 40

Expert Comment

by:jlevie
ID: 11832917
Are you executing rsh on the client with the same username as owns the resource on the rsh server? If not you'll need to create a .rhosts file in the user's home dir on the rsh server that has the client's IP and the username used on the client. For example on sapan in /home/sapan/.rhosts:

192.168.0.105 prerak
0
 

Author Comment

by:ParikhPrerak
ID: 11837611
Hi,

I got rsh to connect to the remote computer without a password.

But, I have an environment variable on other computer as in PVM_ROOT

Now when i do "rsh sdesai 'echo $PVM_ROOT'" -  it returns an empty string.

But if i first log on to sdesai using 'rsh sdesai' , and then if i type $PVM_ROOT, then it gives me the required value.

I am confused as to how to resolve it. I'd appreciate if you could suggest me.

Regards,
Prerak
0
 
LVL 40

Expert Comment

by:jlevie
ID: 11843449
On the other computer where are you defining that env var. I think it needs to be done in the remote user's .bashrc/.cshrc.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Postfix DNS lookups setup 5 38
linux, squid server 23 46
apache and php 3 89
IPA - change main server? 3 86
I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now