rsh error: protocol failure in circuit setup
I'm trying to get rsh to work on my Mandrake 8.0 linux box. From that box (known as darius) if I rsh to another box with no args, it works fine. For instance:
andrea@darius:~> rsh amanda This works and logs me into amanda. But if I rsh a specific command to amanda, I get an error. For instance: andrea@darius:~> rsh amanda date poll: protocol failure in circuit setup Any ideas? |
It's a firewall problem. Turning bastille off fixes the problem. I added ports 1021 - 1023 to the internal services in the bastille config, and now it works (well one rsh command at a time works) with bastille on. But I think I'm just lucking out that rsh is picking a port from 1021 to 1023. If I do 2 rsh commands at roughly the same time, one of them will come back with the error. Where can I find all the ports that rsh would use?
|
RSH and port numbers
Hi Andrea,
Well I have / see the same symptom. I know for sure there is no firewall or SELinux involved. One is stopped and the other is disabled. I believe RSH communicated anywhere between 0 and 1023 port numbers.. What else might be there problem here and if I were to check on what port it is communicating or not communicating how do I go about checking it? Background: The RSH server as well as client is a Linux Redhat box. I have tcpdumped and there are packets traveling across, but could not debug on it - as to what port the request is being sent on. I would appreciated any suggestions.. |
Same problem fixed
Hello, I had that same problem in rhel 5.2.
Here is what I did to resolve: un-install the rsh-server rpm install the rsh-server rpm reboot edit the /etc/xinetd.d/rexec (change disabled = yes to no) edit the /etc/xinetd.d/rlogin (change disabled = yes to no) edit the /etc/xinetd.d/rsh (change disabled = yes to no) edit the /etc/pam.d/rsh (auth required pam_rhosts_auth.so promiscuous) edit /etc/securetty (add rsh rlogin and rexec) update your ~/.rhosts file with the resolved names of the servers you want to access. service xinetd restart done!!! |
...
|
Actually that's not true. I work with clusters and rsh is the connection of choice. It's faster and when dealing with clustering speed is everything. Most MPI applications use RSH by default, yes you can set them to use ssh but your wall time suffers a bit. Also a lot of test applications like "STAR" from Symantec use rsh and have no ssh option.
For administrative purposes I can see rsh not being ideal. I mostly work in a non-production environment so, rsh it is. |
All times are GMT -5. The time now is 10:25 PM. |