rahulgandhi
29th May 2006, 22:11
Hi I need u r help immediately if possible. After all the research i have done for doing rsh and rlogin i made a file and here is the attachment how it looks like but i am still unable to rsh or rlogin:
RSH to remote system without a password
1.Configuring the Nodes :
To build a cluster, configuration of system files is changed as follows;
“/etc/hosts”: This system file should be edited on every node of cluster. It consists of IP addresses and names of workstations in a cluster.
enter the host name and their IP address in file hosts (path : /etc/hosts).
This file has the host to ip address mapping and change the permissions to 444
(command: chmod 444 hosts)
127.0.0.1localhost localhost.localdomain
192.168.0.3rdma1.rdma2domain
192.168.0.4rdma2.rdma2domain
2.Enter the trusted hosts in the .rhosts file (path: /$HOME/.rhosts)
“rhosts”: This file is created in each user’s home directory.
It is used during rhosts authentication. If the client host is found in this file, users can automatically login by using remote shell without supplying passwords.
The file on Rdma1looks like:
# Enter the trusted hostnames in the network.
rdma1.rdma2domain
rdma2.rdma2domain
Change the permission to 600
Command: chmod 600 .rhosts
3.Enable RSH and RLOGIN services in the “/etc/xinetd.d/rsh” and “/etc/xinetd.d/rlogin” files.
RSH
default: on description: The rshd server is the server for the rcmd(3) routine and, consequently, for the rsh(1) program. The server provides \ remote execution facilities with authentication based on \ privileged port numbers from trusted hosts.
service shell {
socket_type = stream wait = no user = root log_on_success += USERID log_on_failure += USERID server = /usr/sbin/in.rshd -h disable = no
}
RLOGIN
default: on description: rlogind is the server for the rlogin(1) program. The server \
provides a remote login facility with authentication based on \ privileged port numbers from trusted hosts.
service login {
socket_type = stream wait = no user = root log_on_success += USERID log_on_failure += USERID server = /usr/sbin/in.rlogind disable = no
}
(Note that I left the original descriptive text in these files untouched, so you can see that they are indicated to be enabled, when, in fact, they are disabled; i.e. the "disable = no" line reads "disable = yes" in their original form. See *NOTE below for more on this.)
4.Add RSH and RLOGIN to the “/etc/securetty”: It identifies secure terminals from where superuser is allowed to log in.
Simply, add rsh, rlogin and rexec at the end of file. After configuration, this file will look like this:
console
vc/1
vc/2
vc/3
tty1
tty2
tty3
tty4
rsh
rlogin
5.To allow RLOGIN without password, change the configuration in the “cd /etc/pam.d” (not vi) on the systems:
It consists of number of configuration files which effect logins of the various services.
Modify “rsh” & “rlogin” file. Arrange “rhosts” in the first line and “securetty” in the second line.
Finally, it looks like this,
auth required /lib/security/pam_rhosts_auth.so
auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_nologin.so
auth required /lib/security/pam_env.so
auth required /lib/security/pam_stack.so service=system-auth
account required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_stack.so service=system-auth
6.Testing the configuration:
Restart the network service using following command,
# service xinetd restart
#service network restart
How to change the hostname :
1: To check the present host name use command
# uname –n
Or
#hostname –a
2: To change the host name use the command
#hostname “newhostname”
and you need to change in the file “/etc/sysconfig/network”
it looks like :
NETWORKING=yes
HOSTNAME=rdma2.rdma2domain
----------------------------------------------------------------------------------------------------------------
kernel used is : 2.6.16-1.2111_FC5smp
Error messages i am getting on two systems used are like this:
for rlogin: connect to addresses --- port 543: Connection refused
for rsh: socket: protocol error or closed connection in circuit setup
poll protocol failure in circuit setup
On another system:
for rlogin: connect to address port 543: No route to host
for rsh: connect to address port 544: No route to host.
So can u plz help me if i need to change any other settings
RSH to remote system without a password
1.Configuring the Nodes :
To build a cluster, configuration of system files is changed as follows;
“/etc/hosts”: This system file should be edited on every node of cluster. It consists of IP addresses and names of workstations in a cluster.
enter the host name and their IP address in file hosts (path : /etc/hosts).
This file has the host to ip address mapping and change the permissions to 444
(command: chmod 444 hosts)
127.0.0.1localhost localhost.localdomain
192.168.0.3rdma1.rdma2domain
192.168.0.4rdma2.rdma2domain
2.Enter the trusted hosts in the .rhosts file (path: /$HOME/.rhosts)
“rhosts”: This file is created in each user’s home directory.
It is used during rhosts authentication. If the client host is found in this file, users can automatically login by using remote shell without supplying passwords.
The file on Rdma1looks like:
# Enter the trusted hostnames in the network.
rdma1.rdma2domain
rdma2.rdma2domain
Change the permission to 600
Command: chmod 600 .rhosts
3.Enable RSH and RLOGIN services in the “/etc/xinetd.d/rsh” and “/etc/xinetd.d/rlogin” files.
RSH
default: on description: The rshd server is the server for the rcmd(3) routine and, consequently, for the rsh(1) program. The server provides \ remote execution facilities with authentication based on \ privileged port numbers from trusted hosts.
service shell {
socket_type = stream wait = no user = root log_on_success += USERID log_on_failure += USERID server = /usr/sbin/in.rshd -h disable = no
}
RLOGIN
default: on description: rlogind is the server for the rlogin(1) program. The server \
provides a remote login facility with authentication based on \ privileged port numbers from trusted hosts.
service login {
socket_type = stream wait = no user = root log_on_success += USERID log_on_failure += USERID server = /usr/sbin/in.rlogind disable = no
}
(Note that I left the original descriptive text in these files untouched, so you can see that they are indicated to be enabled, when, in fact, they are disabled; i.e. the "disable = no" line reads "disable = yes" in their original form. See *NOTE below for more on this.)
4.Add RSH and RLOGIN to the “/etc/securetty”: It identifies secure terminals from where superuser is allowed to log in.
Simply, add rsh, rlogin and rexec at the end of file. After configuration, this file will look like this:
console
vc/1
vc/2
vc/3
tty1
tty2
tty3
tty4
rsh
rlogin
5.To allow RLOGIN without password, change the configuration in the “cd /etc/pam.d” (not vi) on the systems:
It consists of number of configuration files which effect logins of the various services.
Modify “rsh” & “rlogin” file. Arrange “rhosts” in the first line and “securetty” in the second line.
Finally, it looks like this,
auth required /lib/security/pam_rhosts_auth.so
auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_nologin.so
auth required /lib/security/pam_env.so
auth required /lib/security/pam_stack.so service=system-auth
account required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_stack.so service=system-auth
6.Testing the configuration:
Restart the network service using following command,
# service xinetd restart
#service network restart
How to change the hostname :
1: To check the present host name use command
# uname –n
Or
#hostname –a
2: To change the host name use the command
#hostname “newhostname”
and you need to change in the file “/etc/sysconfig/network”
it looks like :
NETWORKING=yes
HOSTNAME=rdma2.rdma2domain
----------------------------------------------------------------------------------------------------------------
kernel used is : 2.6.16-1.2111_FC5smp
Error messages i am getting on two systems used are like this:
for rlogin: connect to addresses --- port 543: Connection refused
for rsh: socket: protocol error or closed connection in circuit setup
poll protocol failure in circuit setup
On another system:
for rlogin: connect to address port 543: No route to host
for rsh: connect to address port 544: No route to host.
So can u plz help me if i need to change any other settings