rsh problem from linux to solaris machines

Hi -- I have two SUN servers and many linux clients.
I have added a few of the hosts in my .rhosts file, that includes both
the SUn servers and a few linux clients -- so as understood I can rsh
from any of these systems without being prompted for passwd to any
other machines. This works fine if I

1. Login from linux to linux clients
2. Sun to Sun machines
3. Sun to linux machines

But when I rsh from 'linux machines that are in .rhosts to any of the
Sun servers' it prompts for a password.
I have no clue why there is a problem. Is it that SUN or linux
systems needs any specific 'pam' library.

Thanks in advance for your help.

regards
-Moo

<Michael Vilain <vilain@spamcop.net>> wrote in message
news:vilain-7BE013.02522911082004@comcast.dca.giganews.com...
> In article <dd6f280a.0408102331.5f6d8fbb@posting.google.com >,
> moo_glee@yahoo.com (Moo) wrote:
>
> > Hi -- I have two SUN servers and many linux clients.
> > I have added a few of the hosts in my .rhosts file, that includes both
> > the SUn servers and a few linux clients -- so as understood I can rsh
> > from any of these systems without being prompted for passwd to any
> > other machines. This works fine if I
> >
> > 1. Login from linux to linux clients
> > 2. Sun to Sun machines
> > 3. Sun to linux machines
> >
> > But when I rsh from 'linux machines that are in .rhosts to any of the
> > Sun servers' it prompts for a password.
> > I have no clue why there is a problem. Is it that SUN or linux
> > systems needs any specific 'pam' library.
> >
> > Thanks in advance for your help.
> >
> > regards
> > -Moo
>
> when you rsh from a linux machine to a sun server, provide a password,
> you'll get a shell. What's displayed when you type
>
> who am i
>
> at the shell? Is the hostname displayed in the remote system's .rhosts
> file?
>
> --
> DeeDee, don't press that button! DeeDee! NO! Dee...
>
>
>

finger may also be instructive, the hostname that finger shows is what is
needed it .rhosts

sometimes the fully qualified DNS is needed, and sometimes not.

The other point is that the .rhosts file can be a security risk. ssh is
good.

Moo wrote:
>
> But when I rsh from 'linux machines that are in .rhosts to
> any of the Sun servers' it prompts for a password.

Give it the password and when you're logged in do "who am i".
Carefully note the hostname it says that you came in from.
Especially whether it uses the short name or FQDN. Whichever
name it gives, add that one to your .rhosts file and try again.

If it gives the IP number instead of either short hostname or
FQDN, then you have a DNS/DHCP automated update problem.
Your linux boxes aren't getting registered in DNS when they
get their DHCP leases.

Moo wrote:
>
> But when I rsh from 'linux machines that are in .rhosts to
> any of the Sun servers' it prompts for a password.

Give it the password and when you're logged in do "who am i".
Carefully note the hostname it says that you came in from.
Especially whether it uses the short name or FQDN. Whichever
name it gives, add that one to your .rhosts file and try again.

If it gives the IP number instead of either short hostname or
FQDN, then you have a DNS/DHCP automated update problem.
Your linux boxes aren't getting registered in DNS when they
get their DHCP leases.

Moo,

Are you using multiple/stacked ip/adresses on the SUN servers (multipathing
!?) ? If so, then try adding all the ip-adresses or their aliases in the
..rhosts file of a linux box.

cheers,

Harrie


"Moo" <moo_glee@yahoo.com> schreef in bericht
news:dd6f280a.0408102331.5f6d8fbb@posting.google.c om...
> Hi -- I have two SUN servers and many linux clients.
> I have added a few of the hosts in my .rhosts file, that includes both
> the SUn servers and a few linux clients -- so as understood I can rsh
> from any of these systems without being prompted for passwd to any
> other machines. This works fine if I
>
> 1. Login from linux to linux clients
> 2. Sun to Sun machines
> 3. Sun to linux machines
>
> But when I rsh from 'linux machines that are in .rhosts to any of the
> Sun servers' it prompts for a password.
> I have no clue why there is a problem. Is it that SUN or linux
> systems needs any specific 'pam' library.
>
> Thanks in advance for your help.
>
> regards
> -Moo

First, I'm not at home and I can't check this trick for now, so I speak
from memory (plus, I'm using ssh for years now), so it it doesn't work,
excuse me.

I believe that .rhost only works with rlogin & rcp, at least on Solaris
& hp-ux. I've always had to provide a passwd with rsh & remsh.

Also, you may provide in the /etc/hosts.equiv, /etc/hosts.allow &
/etc/hosts.deny the name of hosts *AND USERS* allowed (or denied) to
connect without passwords. This is not mandatory if you use .rhost in
home directory of users, but I don't know what happens if you have some
inconsistencies between .rhosts & host.xxxx

regards

Nicolas


Moo wrote:
> Hi -- I have two SUN servers and many linux clients.
> I have added a few of the hosts in my .rhosts file, that includes both
> the SUn servers and a few linux clients -- so as understood I can rsh
> from any of these systems without being prompted for passwd to any
> other machines. This works fine if I
>
> 1. Login from linux to linux clients
> 2. Sun to Sun machines
> 3. Sun to linux machines
>
> But when I rsh from 'linux machines that are in .rhosts to any of the
> Sun servers' it prompts for a password.
> I have no clue why there is a problem. Is it that SUN or linux
> systems needs any specific 'pam' library.
>
> Thanks in advance for your help.
>
> regards
> -Moo

In article <cfn2op$9h0$1@apollon.grec.isp.9tel.net>, Nicolas wrote:

>> But when I rsh from 'linux machines that are in .rhosts to any of the
>> Sun servers' it prompts for a password.

>from memory (plus, I'm using ssh for years now)

I suggest using ssh instead of r*.

>I believe that .rhost only works with rlogin & rcp, at least on Solaris
>& hp-ux. I've always had to provide a passwd with rsh & remsh.

rsh,remsh also use .rhosts just the same.
Maybe name lookups are behind the problems of the OP.

>Also, you may provide in the /etc/hosts.equiv, /etc/hosts.allow &
>/etc/hosts.deny the name of hosts *AND USERS* allowed (or denied) to
>connect without passwords.

Do not put usernames in /etc/hosts.equiv unless you want
fred@foreign doing rsh to bin@sunserver .

HP-UX has a non-traditional interpretation of usernames in
/etc/hosts.equiv so putting them in there is not so bad.

--
Elvis Notargiacomo master AT barefaced DOT cheek
http://www.notatla.org.uk/goen/
If its message contained filing-cabinets in annex, for
security reasons same sao automatically extinguished.

<SNIP>
Sorry to have responded so late, have been busy with some other jobs.

Actually I have used the hostnames as per the name resolution only.
nslookup works for the same name and 'finger' shows the hostname. But
the hostname of the SUN asks for a passwd with that hostname.

I am still clueless, let me try ssh.

Thanks for all who responded.

regards
,Moo

<SNIP>

SOrry folks, it works with linux machines' FQDN in the .rhosts, how
stupid of me!! Ignore my just previous mail.

thanks again,
,Moo

In <dd6f280a.0408172357.6cd524be@posting.google.com >, Moo:

[Snip...]

> it works with linux machines' FQDN in the .rhosts

I think you need a "search" line in your /etc/resolv.conf if you want to
avoid FQDN in .rhosts (such as for linuxhost.whatever.domain.com):

search whatever.domain.com
nameserver 111.222.333.444
nameserver 555.666.777.888

etc. YMMV, HTH...

(I'd avoid .rhosts linkage myself except on very trusted local networks)

--
Regards, Weird (Harold Stevens) * IMPORTANT EMAIL INFO FOLLOWS *
Pardon any bogus email addresses (wookie) in place for spambots.
Really, it's (wyrd) at airmail, dotted with net. DO NOT SPAM IT.
Kids jumping ship? Looking to hire an old-school type? Email me.