Unharden/enable back rsh/rlogin on Solaris 8/9/10

A)
Appreciate if someone could give me the steps to
unharden/enable back  rsh & rlogin.  I misplaced my
documentation somewhere.

B)
Is the .rhosts file something I place in / & what's the content like?
Have not done this for quite a while

C)
Also let me know what I need to do to enable a Linux & Solaris server to do
   "ufsrestore -ivf  remote_Sun_server:/dev/rmt/0cn"  (from a local Solaris box)
     or
   "dd if=remote_Sun_server:/devrmt/0cn of=local_Linux_disk_partition"

D)
If a dd of a Linux is written to a remote Solaris tape drive, can be it be read back
again from the Solaris server (or it has to be a remote Linux server's tape drive),
just curious as I've not tried restoring it yet :
dd if=/dev/sda2 bs=32k conv=sync,noerror | ssh remoteuser@remoteSun "dd of=/dev/rmt/0c"
sunhuxAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

omarfaridCommented:
A)

for solaris 8 and 9

look into /etc/inetd.conf and hash or unhash the line of rlogin

for solaris 10 run

svcadm enable|disable rlogin

B)

you create in / or use the /etc/hosts.equiv file. please see man rhosts or man hosts.equiv

C) just set the trust (rlogin with no password)

D) It depends on the tape density and if both drives are compatible  
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
sunhuxAuthor Commented:
I've done on remote_svr  "svcadm enable rlogin" & "pkill -HUP inetd"

On the local server, the following command just did not copy anything over
rcp -rp .   remote_svr:/var/tmp/capat
while "rsh remote_svr" prompts for password.

What did I miss?
 
0
omarfaridCommented:
did you add your create /.rhosts or /etc/hosts.equiv and added entry to them? Also look at their permissions ( I think it should not be writable )
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

sunhuxAuthor Commented:
Yes, I've created /.rhosts  (did not create /etc/hosts.equiv) :
it has permission 755 so I've just changed it to 444 & try
again & still it prompts for password when I did rsh.

I recall someone ever told me it has to do with /etc/pam.conf :
# grep -i login /etc/pam.conf
# login service (explicit because of pam_dial_auth)
login   auth requisite          pam_authtok_get.so.1
login   auth required           pam_dhkeys.so.1
login   auth required           pam_unix_cred.so.1
login   auth required           pam_unix_auth.so.1
login   auth required           pam_dial_auth.so.1
# rlogin service (explicit because of pam_rhost_auth)
# rlogin        auth sufficient         pam_rhosts_auth.so.1
rlogin  auth requisite          pam_authtok_get.so.1
rlogin  auth required           pam_dhkeys.so.1
rlogin  auth required           pam_unix_cred.so.1
rlogin  auth required           pam_unix_auth.so.1
# Kerberized rlogin service
krlogin auth required           pam_unix_cred.so.1
krlogin auth required           pam_krb5.so.1


Or any other possible cause?
0
sunhuxAuthor Commented:
Content of /.rhosts (all hosts in it are pingable) :

# ls -lad /.rhosts
-r--r--r--   1 root     root          54 Nov 21 12:39 /.rhosts
# more /.rhosts
slasun05
slasun02
slasun03
slasun04
slasun11
slasun12
0
omarfaridCommented:
are these host names in /etc/hosts or in dns?
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Unix OS

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.