Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 291
  • Last Modified:

Using rsh in linux

Hi all,

I am trying to use rsh and login from one computer on to the other. I have modified the following files /etc/hosts, /etc/hosts.equiv , /etc/securetty , /etc/pam.d , /etc/fstab.

After which i am able to log on to the remote host using rsh. But if I try to log on from other computer than it shows error as "connection refused" or "connection timedout" or "No route to change". I am able to ping the computer as well...but rsh doesnt work

please give suggestions.

Prerak
0
ParikhPrerak
Asked:
ParikhPrerak
  • 7
  • 5
1 Solution
 
jlevieCommented:
Is the "other computer" listed in hosts.equiv on the rsh server? Are there any firewalls between the rsh server and the "other computer"
0
 
ParikhPrerakAuthor Commented:
ya the other computer is listed in the following format : ip-address hostaname
0
 
ParikhPrerakAuthor Commented:
there are no firewalls, i just have a router between them

0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
ParikhPrerakAuthor Commented:
also, "rsh localhost" works on both the computers
0
 
jlevieCommented:
Are there an firewalls on the computers? 'iptables -L' should show ACCEPT for everything if there aren't.

The format for hosts.equiv is [+|-] [hostname|IP] [username], so you could have:

hostname
IP
+ hostname
+ IP
hostname username
IP username
+ hostname username
+ IP username

but not:

IP hostname
0
 
ParikhPrerakAuthor Commented:
Hi,

The output of  "iptables -L" is as follows :

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
RH-Lokkit-0-50-INPUT  all  --  anywhere             anywhere
 
Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
RH-Lokkit-0-50-INPUT  all  --  anywhere             anywhere
 
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
 
Chain RH-Lokkit-0-50-INPUT (2 references)
target     prot opt source               destination
ACCEPT     udp  --  192.168.0.1          anywhere           udp spt:domain dpts:1025:65535
ACCEPT     udp  --  anywhere             anywhere           udp spts:bootps:bootpc dpts:bootps:bootpc
ACCEPT     udp  --  anywhere             anywhere           udp spts:bootps:bootpc dpts:bootps:bootpc
ACCEPT     all  --  anywhere             anywhere
REJECT     tcp  --  anywhere             anywhere           tcp dpts:0:1023 flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable
REJECT     tcp  --  anywhere             anywhere           tcp dpt:nfs flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable
REJECT     udp  --  anywhere             anywhere           udp dpts:0:1023 reject-with icmp-port-unreachable
REJECT     udp  --  anywhere             anywhere           udp dpt:nfs reject-with icmp-port-unreachable
REJECT     tcp  --  anywhere             anywhere           tcp dpts:x11:6009 flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable
REJECT     tcp  --  anywhere             anywhere           tcp dpt:xfs flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable

I think this means that there is a firewall because there are lot of REJECT. I am not sure how do I disable them. I'd appreciate if you could suggest me the changes.

Regards,
Preark
0
 
ParikhPrerakAuthor Commented:
Sorry for asking you so many questions, but I didn't totally understand the changes you suggested for hosts.equiv
 
Let me tell you some of the specifics and maybe you could tell us how to use them.

My computer: Hostname = prerak
                           Username = prerak
                           IP address = 192.168.0.105

My friends computer: Hostname = sapan
                                         Username = sapan
                                         IP address = 192.168.0.102
 
Since the hostname and the username are the same, is it possible that it might work if we changed the hostname ?

Also, it would be great if you could tell me the format to be used for the .rhosts file and any other changes you feel are necessary for getting the cluster up and running.

Regards,
Prerak
0
 
jlevieCommented:
> I think this means that there is a firewall because there are lot of REJECT

Yep there's a firewall running it it is blocking rsh. You can disable the firewall completely with 'service iptables dtop' followed by 'chkconfig iptables off'. That's probably okay since the use of RFC1918 IP addresses would suggest that these machines are behind a NATing router that presumably includes a firewall.

For those two machines you'd use hosts.equiv like:

-- On prerak

192.168.0.102

-- And on sapan

192.168.0.105

You could use host names  on each (rather than IP's) if you add the IP/hostname of the other computer to /etc/hosts.
0
 
ParikhPrerakAuthor Commented:
Hi,

Thank you very much. I got rsh running. But the only problem is that it's wiht a password. How do I configure it to be without a password.

Prerak
0
 
jlevieCommented:
Are you executing rsh on the client with the same username as owns the resource on the rsh server? If not you'll need to create a .rhosts file in the user's home dir on the rsh server that has the client's IP and the username used on the client. For example on sapan in /home/sapan/.rhosts:

192.168.0.105 prerak
0
 
ParikhPrerakAuthor Commented:
Hi,

I got rsh to connect to the remote computer without a password.

But, I have an environment variable on other computer as in PVM_ROOT

Now when i do "rsh sdesai 'echo $PVM_ROOT'" -  it returns an empty string.

But if i first log on to sdesai using 'rsh sdesai' , and then if i type $PVM_ROOT, then it gives me the required value.

I am confused as to how to resolve it. I'd appreciate if you could suggest me.

Regards,
Prerak
0
 
jlevieCommented:
On the other computer where are you defining that env var. I think it needs to be done in the remote user's .bashrc/.cshrc.
0

Featured Post

NEW Veeam Backup for Microsoft Office 365 1.5

With Office 365, it’s your data and your responsibility to protect it. NEW Veeam Backup for Microsoft Office 365 eliminates the risk of losing access to your Office 365 data.

  • 7
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now