In article , Adam Beneschan wrote:
> Hi, everyone,
>
> I need the ability for another machine to use rsh and rcp on a system
> running RedHat Linux 9.0. I can't get this to work.
>
> I've done some research, and the answer seems to be to add the line
> "rsh" to /etc/securetty. I've done this (I also added rlogin and
> rexec). Didn't help.
>
> I also tried commenting out the "auth required pam_securetty.so" line
> in /etc/pam.d/rsh. That didn't help either.
>
> I know rsh is working because I can use it from my other system as
> long as I'm not logged in as root. When I'm logged in as root and use
> the exact same rsh command, I get "permission denied". This shows up
> in the messages log on the target system:
>
> pam_rhosts_auth[1146]: denied to root@ as root: access not
> allowed
> in.rshd[1146]: rsh denied to root@ as root: Permission
> denied.
> in.rshd[1146]: rsh command was 'df'
>
> I don't know what else to look for. Any help anyone can provide would
> be much appreciated.
>
> -- Adam

You say you want rsh and rcp, but I would suggest ssh and scp (openssh.com)
unless you have a specific need for rsh and rcp. The r* tools are plaintext
and not nearly as secure as ssh. I use ssh, scp, and sftp for the admin. jobs
on my cluster and have no problems.
Hope this helps!

Digi

--
http://digi.nuwen.net/cluster

Digi wrote in message news:...
> In article , Adam Beneschan wrote:
> > Hi, everyone,
> >
> > I need the ability for another machine to use rsh and rcp on a system
> > running RedHat Linux 9.0. I can't get this to work.
> >
> > I've done some research, and the answer seems to be to add the line
> > "rsh" to /etc/securetty. I've done this (I also added rlogin and
> > rexec). Didn't help.
> >
> > I also tried commenting out the "auth required pam_securetty.so" line
> > in /etc/pam.d/rsh. That didn't help either.
> >
> > I know rsh is working because I can use it from my other system as
> > long as I'm not logged in as root. When I'm logged in as root and use
> > the exact same rsh command, I get "permission denied". This shows up
> > in the messages log on the target system:
> >
> > pam_rhosts_auth[1146]: denied to root@ as root: access not
> > allowed
> > in.rshd[1146]: rsh denied to root@ as root: Permission
> > denied.
> > in.rshd[1146]: rsh command was 'df'
> >
> > I don't know what else to look for. Any help anyone can provide would
> > be much appreciated.
> >
> > -- Adam
>
> You say you want rsh and rcp, but I would suggest ssh and scp (openssh.com)
> unless you have a specific need for rsh and rcp. The r* tools are plaintext
> and not nearly as secure as ssh. I use ssh, scp, and sftp for the admin. jobs
> on my cluster and have no problems.
> Hope this helps!

We already have ssh on both systems; however, I can't figure out how
to use it to use it from System A (running RedHat 6.2) to execute a
script on System B (RedHat 9.0) while I'm logged in to system A as
"root", without it asking for a password. It's necessary to be able
to do this without human intervention, since it will be run by a daily
overnight script.

I tried making sure that both host names were in the
/usr/local/etc/shosts.equiv file on both systems. That hasn't helped.
I'm trying to go through the ssh man page to figure out what else to
do, but it appears far from obvious. Any help would be appreciated.

-- Adam

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

You can use ssh keys. Instead of password verification, it uses a
public/private key pair, one on server and one on the client. Reasonably
simple to setup, invisible to use.

Heres a clear page detailing ssh key setup
http://particle.phys.uvic.ca/doc_sshkey.html

Adam Beneschan wrote:
| We already have ssh on both systems; however, I can't figure out how
| to use it to use it from System A (running RedHat 6.2) to execute a
| script on System B (RedHat 9.0) while I'm logged in to system A as
| "root", without it asking for a password. It's necessary to be able
| to do this without human intervention, since it will be run by a daily
| overnight script.
|
| I tried making sure that both host names were in the
| /usr/local/etc/shosts.equiv file on both systems. That hasn't helped.
| I'm trying to go through the ssh man page to figure out what else to
| do, but it appears far from obvious. Any help would be appreciated.
|
| -- Adam

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFACG9RkY9EF6QEdTkRAvRMAKDMM+KFknlYn8N8zlA1MX gJjY/tcACffOzY
43PV30XijrPGG1NyY61wdsc=
=x8gI
-----END PGP SIGNATURE-----