LinuxQuestions.org - rsh connection closed after successful login

- Linux - Server (https://www.linuxquestions.org/questions/linux-server-73/)

- - rsh connection closed after successful login (https://www.linuxquestions.org/questions/linux-server-73/rsh-connection-closed-after-successful-login-4175452338/)

rsh connection closed after successful login

I'm trying to get rsh working on a Fedora 18 system. I've set this up on many systems before, but can't get it working here.

I use rsh because these computers are not connected to the internet, and its more convenient than SSH, so we can dispense with the "you should use SSH comments".

I have enabled rsh and rlogin in the /etc/xinetd.d/rsh and rlogin files by changing disabled=yes to disabled=no

I have ALL: 192.168.0.0/255.255.255.0 in /etc/hosts.allow, to allow the local network.

the xinetd service is started. .rhosts is configured with the host name of the machine I'm connecting from, and the hostname is in /etc/hosts with the right ip address.

The issue is, that in.rlogin or in.rshd drops the connection immediately, when its set up right.

I have tried this with no firewall (again, private network its OK), and with selinux disabled.

The machines ping, rsync and telnet work. Just rsh.

Any ideas? How can I troublshoot this?

Thanks,
Borax Man

Have you looked at the logs?

Quote:

Originally Posted by eeekster (Post 4902902)

Have you looked at the logs?

/var/log/messages and /var/log/secure have nothing useful.
/log/messages just has this

Mar 2 19:31:43 Oberon xinetd[2519]: START: login pid=2521 from=::ffff:127.0.0.1
Mar 2 19:31:46 Oberon xinetd[2519]: EXIT: login status=0 pid=2521 duration=3(sec)

So the server is starting, then immediately exiting.

If I try to run in.rlogind manually, I get this

logind: Can't get peer name of remote host: Socket operation on non-socket, but that may be because its run outside of xinetd.

Most of the problems I've had with Linux, is due to poor, or non existant error messages.

Any selinux events logged?

Quote:

Originally Posted by eeekster (Post 4903264)

Any selinux events logged?

No, and I tried it with selinux disabled too.

My only other thought is tcpwrappers (i.e. /etc/hosts.allow etc).

please check you iptables rules.

There are no iptables rules. I've disabled the firewall. Makes no difference.

Here's possibly a dumb qn, but, have you installed the rsh-server pkg? Its not part of the default install these days?

Quote:

Originally Posted by chrism01 (Post 4908450)

Here's possibly a dumb qn, but, have you installed the rsh-server pkg? Its not part of the default install these days?

Installed..

No offence to people, but I've been in the past, a network admin, and I've configured RSH before. I've done a lot of searching before coming here, as a last resort.

I'm using the SAME set up, the EXACT same set up as my previous fedora 11 installation, and its not working. There is something else, and I just want to know how to troubleshoot it.

Again, just for the record.
Selinux is disabled.
Iptables is not active, ie, there are no filtering rules at all.
rsh-server is installed, xinetd is running and /etc/xinetd.d/rsh and rlogin have "disabled = yes" to "disabled = no" in those files to enable the service.

I have a .rhosts file, which lists the IP addresses of approved hosts, and its chmodded 600

/etc/hosts.allow has the following line
ALL: 192.168.0. localhost

It should work, but xinetd spawns a process upon connection (as you would expect) with immediately dies (as you would not expect), without any indication as to why.

Is it sitting behind an ASA or other device that performs NAT?

Quote:

Originally Posted by BoraxMan (Post 4902892)

Anything in the /etc/security/access.conf file?
/etc/pam.d/rsh
/etc/pam.d/rlogin

Remember that in Fedora 18 that "iptables" isn't the default firewall...firewalld is

What does firewall-cmd --list-all show?

--C

Quote:

Originally Posted by custangro (Post 4911804)

Thank you

/etc/security/access.conf

Code:

 + : bman : 127.0.0.0/24

#

 + : bman : 192.168.0.0/24

I have left out all the commented lines

/etc/pam.d/rsh

Code:

#%PAM-1.0

# For root login to succeed here with pam_securetty, "rsh" must be

# listed in /etc/securetty.

auth      required    pam_nologin.so

auth      required    pam_securetty.so

auth      required    pam_env.so

auth      required    pam_rhosts.so

auth        required        pam_securetty.so

account    include      password-auth



session          optional    pam_keyinit.so    force revoke

session    required    pam_loginuid.so

session    include      password-auth

/etc/pam.d/rlogin

Code:

#%PAM-1.0

# For root login to succeed here with pam_securetty, "rlogin" must be

# listed in /etc/securetty.

auth      required    pam_nologin.so

auth      required    pam_securetty.so

auth      required    pam_env.so

auth        required        pam_securetty.so

auth      sufficient  pam_rhosts.so

auth      include      password-auth

account    include      password-auth

password  include      password-auth

session          optional    pam_keyinit.so    force revoke

session    required    pam_loginuid.so

session    include      password-auth

As for the firewall, I use iptables instead of firewalld (which is disabled). But with all rules flushed, no difference.

firewall-cmd does not exist on my system.

When I do try to log in using rsh to the SAME computer, ie by executing rsh 127.0.0.1, it still fails. xinetd calls the relevant daemon, it authenticates, but quits. It should at least work using the loopback device! Also, I have 127.0.0.1 in ~/.rhosts

/var/log/secure has this

Code:

Mar 16 22:51:24 Striker rlogind[29980]: pam_rhosts(rlogin:auth): allowed access to bman@localhost as bman

So it does authenticate successfully. It's just that the connection closes and all thats in /var/log/messages is

Code:

Mar 16 22:53:49 Striker xinetd[29750]: START: login pid=30082 from=::ffff:127.0.0.1

Mar 16 22:53:50 Striker xinetd[29750]: EXIT: login status=0 pid=30082 duration=1(sec)

So neither a firewall, or failed authentication is the issue. I'm thinking it is a bug with Fedora 18?

[QUOTE=BoraxMan;4912801]So neither a firewall, or failed authentication is the issue. I'm thinking it is a bug with Fedora 18?/QUOTE]

I actually have rsh working on my Fedora 18 system...

Are you trying to RSH commands in or are you trying to login using RSH?

This is what I have

Code:

[chrish@montools2 ~]$ cat /etc/pam.d/rsh  | grep -v '^#'

auth      required    pam_nologin.so

auth      required    pam_securetty.so

auth      required    pam_env.so

auth      required    pam_rhosts.so

account    include      password-auth

session          optional    pam_keyinit.so    force revoke

session    required    pam_loginuid.so

session    include      password-auth

auth                sufficient        pam_ldap.so

account                sufficient        pam_ldap.so

password        sufficient        pam_ldap.so

session                sufficient        pam_ldap.so



[chrish@montools2 ~]$ cat /etc/pam.d/rlogin  | grep -v '^#'

auth      required    pam_nologin.so

auth      required    pam_securetty.so

auth      required    pam_env.so

auth      sufficient  pam_rhosts.so

auth      include      password-auth

account    include      password-auth

password  include      password-auth

session          optional    pam_keyinit.so    force revoke

session    required    pam_loginuid.so

session    include      password-auth

auth                sufficient        pam_ldap.so

account                sufficient        pam_ldap.so

password        sufficient        pam_ldap.so

session                sufficient        pam_ldap.so

--C

[QUOTE=custangro;4913940]

Quote:

Originally Posted by BoraxMan (Post 4912801)

So neither a firewall, or failed authentication is the issue. I'm thinking it is a bug with Fedora 18?/QUOTE]

I actually have rsh working on my Fedora 18 system...

Are you trying to RSH commands in or are you trying to login using RSH?

This is what I have

Code:

[chrish@montools2 ~]$ cat /etc/pam.d/rsh  | grep -v '^#'

auth      required    pam_nologin.so

auth      required    pam_securetty.so

auth      required    pam_env.so

auth      required    pam_rhosts.so

account    include      password-auth

session          optional    pam_keyinit.so    force revoke

session    required    pam_loginuid.so

session    include      password-auth

auth                sufficient        pam_ldap.so

account                sufficient        pam_ldap.so

password        sufficient        pam_ldap.so

session                sufficient        pam_ldap.so



[chrish@montools2 ~]$ cat /etc/pam.d/rlogin  | grep -v '^#'

auth      required    pam_nologin.so

auth      required    pam_securetty.so

auth      required    pam_env.so

auth      sufficient  pam_rhosts.so

auth      include      password-auth

account    include      password-auth

password  include      password-auth

session          optional    pam_keyinit.so    force revoke

session    required    pam_loginuid.so

session    include      password-auth

auth                sufficient        pam_ldap.so

account                sufficient        pam_ldap.so

password        sufficient        pam_ldap.so

session                sufficient        pam_ldap.so

--C

That didn't work for me.

May I ask what you did to set it up?

Quote:

Originally Posted by BoraxMan (Post 4922037)

Anyone?

Sorry for reply to the old thread after years. I'll delete it if it gets out of line.

I got a similar problem on RHEL 6.9. I find that remote command like `rsh host date` works but remote login `rsh host`return "rlogin: connection closed." just like you have described.

Have you sloved the problem?