-   Linux - Server (
-   -   rsh service not starting up (

sir-lancealot 12-21-2007 04:08 PM

rsh service not starting up
I had 17 machines all running centos 4.5. We brought in a new box, staged with centos 5 (64 bit), yum installed rsh, rsh-server, etc. and all worked fine.

Just got 3 new machines, all setup the same, and none of them will start. It must be one thing I missed but I have the packages installed;

the .rhosts file is put under the /home/user with the correct permissions (file was simply copied and appended)

chkconfig --list shows;
xinetd based services:
rexec: on
rlogin: on
rsh: on

When I restart xinetd on a working box, I do see;
4:02 xinetd -stayalive -pidfile /var/run/
3913 ? Ss 0:00 \_ in.rshd

along with some connection info, where on the new box I don't see anything.
Dec 21 16:00:29 n19 xinetd[2844]: xinetd Version 2.3.14 started with libwrap loadavg labeled-networking options compiled in.
Dec 21 16:00:29 n19 xinetd[2844]: Started working: 3 available services

When I connect from one machine to the other (older ones) it goes right in, this say's Password:
So I am not sure if in fact rsh is running as I see this open;
2906 ? Ss 0:00 xinetd -stayalive -pidfile /var/run/
2908 ? Ss 0:00 \_ in.rlogind

so now it might be more of a security thing.

Any help is appreciated, I am shot and it's prob something real simple.


archtoad6 12-25-2007 06:51 AM

I'm surprised no one has ragged on you for choosing rsh over ssh because of the security issues.

Have you considered the potential problems w/ rsh?

sir-lancealot 12-26-2007 08:53 AM

Well no-one has ragged, no one helped yet either. I could have included more information such as this is a private network, using an already in place method of doing things but didn't think I should spend the time on that as I wasn't asking for alternative connecting methods, but rather some insight to the people who use and / or know rsh.

There are 17 other machines connecting, etc. with no problems, so why change something if it's not broken? They do what they are supposed to do, connect, transfer files for processing and return them in a timely manner so to change just because is not something that companies wish to do.

I do appreciate the time, but would have preferred an answer or at least direction for a solution to the question posted.

sir-lancealot 12-26-2007 09:32 AM

As I said, I knew it would be something simple. A buddy sent over something he found, which after reading, I then remembered (and kicked myself).

Anyway, the hosts file was setup, but the .rhosts file had one problem, so that will close this one!

archtoad6 12-26-2007 11:10 AM

Glad you got it fixed on your own.

One of the reasons I could not offer any real help is that those who taught me Linux wouldn't consider using rsh; therefore, I know nothing about it except to avoid it.

What is "broken"? . . .
I subscribe to the SANS Institute's semi-weekly "News Bites" security news letter. One of the on-going themes is the rise of insider cracks & exploits -- things that a perimeter fire wall does nothing to prevent. I am sure there are at least some of the editors there that would say that moving to ssh before your rsh is exploited would proactive & prudent not "change just because". Just my view, YMMV.

Given the wide spread prejudice against rsh, adding a "it's on a LAN & we like it that way" or "I know, I know, it's insecure, but THEY won't let me change" to such Q's would anticipate & forestall any criticism or discussion of the merits of rsh.

Also, please note that I did wait just over 4 days to try to ensure that anyone w/ more helpful ideas would have a chance to see your post on the 0-reply list(s).

Once again, glad you got it fixed on your own.

sir-lancealot 12-27-2007 09:14 AM

Arch, thanks for the reply and the insight. I don't want to say I fall into that "I know it's insecure but" spot, I did say it's on a private network with 0 public access at all, and it's always been that way (long before me) but I too would like to see a change.

I prefer ssh key's for numerous reasons, and would like to change one day, but for this, it was more a need and more important a simple little fix.

I also appreciate you waiting a few day's as opposed to the one person who responds with 0 help as I too view the 0's and offer help and some people don't understand that.

Again, thanks for the time and the extra information, have a Happy New Year.


archtoad6 12-27-2007 09:59 AM

Happy New Year to you also.

All times are GMT -5. The time now is 04:34 PM.