Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
I had 17 machines all running centos 4.5. We brought in a new box, staged with centos 5 (64 bit), yum installed rsh, rsh-server, etc. and all worked fine.
Just got 3 new machines, all setup the same, and none of them will start. It must be one thing I missed but I have the packages installed;
the .rhosts file is put under the /home/user with the correct permissions (file was simply copied and appended)
chkconfig --list shows;
xinetd based services:
When I restart xinetd on a working box, I do see;
4:02 xinetd -stayalive -pidfile /var/run/xinetd.pid
3913 ? Ss 0:00 \_ in.rshd
along with some connection info, where on the new box I don't see anything.
Dec 21 16:00:29 n19 xinetd: xinetd Version 2.3.14 started with libwrap loadavg labeled-networking options compiled in.
Dec 21 16:00:29 n19 xinetd: Started working: 3 available services
When I connect from one machine to the other (older ones) it goes right in, this say's Password:
So I am not sure if in fact rsh is running as I see this open;
2906 ? Ss 0:00 xinetd -stayalive -pidfile /var/run/xinetd.pid
2908 ? Ss 0:00 \_ in.rlogind
so now it might be more of a security thing.
Any help is appreciated, I am shot and it's prob something real simple.
Well no-one has ragged, no one helped yet either. I could have included more information such as this is a private network, using an already in place method of doing things but didn't think I should spend the time on that as I wasn't asking for alternative connecting methods, but rather some insight to the people who use and / or know rsh.
There are 17 other machines connecting, etc. with no problems, so why change something if it's not broken? They do what they are supposed to do, connect, transfer files for processing and return them in a timely manner so to change just because is not something that companies wish to do.
I do appreciate the time, but would have preferred an answer or at least direction for a solution to the question posted.
One of the reasons I could not offer any real help is that those who taught me Linux wouldn't consider using rsh; therefore, I know nothing about it except to avoid it.
What is "broken"? . . .
I subscribe to the SANS Institute's semi-weekly "News Bites" security news letter. One of the on-going themes is the rise of insider cracks & exploits -- things that a perimeter fire wall does nothing to prevent. I am sure there are at least some of the editors there that would say that moving to ssh before your rsh is exploited would proactive & prudent not "change just because". Just my view, YMMV.
Given the wide spread prejudice against rsh, adding a "it's on a LAN & we like it that way" or "I know, I know, it's insecure, but THEY won't let me change" to such Q's would anticipate & forestall any criticism or discussion of the merits of rsh.
Also, please note that I did wait just over 4 days to try to ensure that anyone w/ more helpful ideas would have a chance to see your post on the 0-reply list(s).
Arch, thanks for the reply and the insight. I don't want to say I fall into that "I know it's insecure but" spot, I did say it's on a private network with 0 public access at all, and it's always been that way (long before me) but I too would like to see a change.
I prefer ssh key's for numerous reasons, and would like to change one day, but for this, it was more a need and more important a simple little fix.
I also appreciate you waiting a few day's as opposed to the one person who responds with 0 help as I too view the 0's and offer help and some people don't understand that.
Again, thanks for the time and the extra information, have a Happy New Year.