RCP command gets Connection refused

Posted on 2007-08-08
Last Modified: 2013-12-16
Have 3 Dell 2950 and 2 Dell 6850 servers with 16 and 32 GB of memory respectively.
All 5 have been upgraded to RHEL4 kernel 2.6.9-55.0.2.ELhugemem.
We are moving our environment from an IBM H80 running AIX 5.2 to these boxes.
The application tech is on site now moving old forms, software, etc from the AIX to RHEL and wants to use rcp.
I have been successful with reaching out from RHEL to AIX to get the forms and software but can not get rcp to work from RHEL to RHEL.  
Am getting: # rcp -p testfile dat2:/home
                  connect to address 10.x.x.xx: Connection refused
                  Trying krb4 rcp...
                  connect to address 10.x.x.xx: Connection refused
                  trying normal rcp (/usr/bin/rcp)
                  dat2.domainname: Connection refused
I know that this is considered unsecure but that is not an issue.
Can anyone explain what might need to be done to allow rcp to work in all directions?
Question by:slcoit
    LVL 7

    Expert Comment

    On modern Linux, by default RCP is not opened, and will be blocked. You can use scp instead (which uses SSH and is secure) or add the rsh-server package to your RH (which is not installed by default) and open the service through editing the service file in /etc/xinetd.d/ (and restarting xinetd afterwards).

    You know this is insecure, and you know scp does the same job, and even better.

    Author Comment

    Found rsh-0.17-25.1 already installed
    Found this rsh-server-0.17-25.4 at Red Hat Network and installed with rpm -ivh.
    Went to /etc/xinetd.d and changed both rsh & rlogin to disable = no.
    Rebooted the server and then did rcp -p testfile app2:/home
    Got the same response.
    LVL 7

    Accepted Solution

    Keep rebooting for Windows. You do not need to reboot your Linux system.

    Do you have iptables running? Try again after running (on the server) 'service iptables stop'

    Assisted Solution

    -- do you have .rhosts populated with the the hostname of the PC you're connecting from on dat2? You'd also want to populate /etc/hosts with the hostname and IP.

    -- what do you see in /var/log/messages on dat2 after you attempt?
    you may see some error coming from pam.d, in which case, you'll have to modify the pamd settings on dat2. /etc/pam.d/rsh and rlogin (possibly to "sufficient" instead of "required")

    -- do rsh or rlogin work?

    On a side-note, it looks like it's executing rcp from /usr/kerberos/bin or something. There's probably another in /usr/bin/rcp.
    "which rcp" should tell you which one, you can rename/delete that and use the one from /usr/bin/rcp..

    Author Comment

    To get rcp working on linux (example) (The names have been changed to protect the innocent)
    This has worked for me.
    1. # rpm -qa |grep rsh  returns:      rsh-0.17-25.1
    2. /etc/hosts contains:            10.x.x.x1       dat2.domain        dat2
                                                                    10.x.x.x2       app3.domain        app3
    3. /root/.rhosts contains:       app3           root
                                               app3           oracle      
                                               dat2            root
                                               dat2            oracle
    4. /etc/xinetd.d/rsh has:       disable = no
    5. /etc/pam.d/rsh on destination server has:    auth       sufficient
    6. # service xinetd restart
    7. Added rsh to /etc/securetty on destination server.
    8. modified on destination server:      /etc/xinetd.d/rsh has:       disable = no
    9. run: rcp /home/testfile destination-server:/home

    If any part of above was not on my system, rcp failed.
    I arrived at this process with the inspiration of both ezaton and hpotar.
    They both pointed me in directions, along with other research, that led to success.
    Thank you for your input.
    Now how do I share the points between the two?

    Featured Post

    What Security Threats Are You Missing?

    Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

    Join & Write a Comment

    Network Interface Card (NIC) bonding, also known as link aggregation, NIC teaming and trunking, is an important concept to understand and implement in any environment where high availability is of concern. Using this feature, a server administrator …
    I am a long time windows user and for me it is normal to have spaces in directory and file names. Changing to Linux I found myself frustrated when I moved my windows data over to my new Linux computer. The problem occurs when at the command line.…
    Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
    Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

    731 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now