rsh issue (access denied)...

bruce bedouglas at earthlink.net
Tue Jun 24 05:10:03 UTC 2008 

hi...

i've got an "access denied" issue with rsh on one of my boxes (and before we
start, no use ssh comments.. rsh is what i'm dealing with for now!!)

i've got a few boxes in my network, and i can successfully rsh into them
with no issue. however, on one box, i can't access it using rsh, and i'm
running out of things to try... kind of curious.

i can login using rlogin.

i've modifed the /etc/pam.d/rsh,rlogin files, along with the /etc/securetty
file. as far as i can tell, nothing else has been changed...

the curious thing. as far as i can tell... the files on the system that
doesn't work, are the same as the files on the systems that are allowing rsh
to occur...

the err i'm getting in the /var/log/secure is:
Jun 23 22:16:09 lserver5 userhelper[2186]:
pam_timestamp(system-config-services:session): updated timestamp file
`/var/run/sudo/root/unknown'
Jun 23 22:16:09 lserver5 userhelper[2189]: running
'/usr/sbin/system-config-services' with root privileges on behalf of 'root'
Jun 23 22:16:28 lserver5 xinetd[2227]: START: shell pid=2239
from=192.168.1.45
Jun 23 22:16:28 lserver5 rshd[2239]: pam_rhosts_auth(rsh:auth): denied to
root at 192.168.1.45 as test1: access not allowed
Jun 23 22:16:28 lserver5 rshd[2239]: pam_unix(rsh:session): session opened
for user test1 by (uid=0)
Jun 23 22:16:28 lserver5 rshd[2239]: pam_unix(rsh:session): session closed
for user test1
[

etc/pam.d/rsh
#%PAM-1.0
# For root login to succeed here with pam_securetty, "rsh" must be
# listed in /etc/securetty.
auth       required     pam_nologin.so
auth       sufficient      pam_rhosts_auth.so promiscuous
auth       required             pam_securetty.so
auth       required             pam_env.so
account    include      system-auth
session    include      system-auth

etc/pam.d/rlogin
#%PAM-1.0
# For root login to succeed here with pam_securetty, "rlogin" must be
# listed in /etc/securetty.
auth       required     pam_nologin.so
auth       sufficient   pam_rhosts_auth.so      promiscuous
auth       required     pam_securetty.so
auth       required     pam_env.so
auth       include      system-auth
account    include      system-auth
password   include      system-auth
session    include      system-auth

/etc/securetty
rsh
rlogin
rlogind
console
vc/1
vc/2
vc/3
vc/4
vc/5
.
.
.


so... any thoughts/comments/things to check would be greatly appreciated....

thanks

More information about the users mailing list