On Mon, Jul 7, 2008 at 1:59 PM, Stephen Harris lists@spuddy.org wrote:
On Mon, Jul 07, 2008 at 01:45:25PM -0700, MHR wrote:
Are you sure there are no firewalls in place that could be blocking access? Note that "rsh machine" really calls "rlogin machine" and so talks on a different port (port 513) whereas "rsh machine command" uses port 514.
You should tcpdump the traffic while trying to do an rsh to see what is going on.
That helps some - I got a lot of data (duh), but the key piece, I think, was this:
15:06:00.480483 IP sushi.ocroads.com.1023 > khan.sjhtca.com.shell: . ack 1 win 46 <nop,nop,timestamp 348358235 81958271> 15:06:00.480735 IP sushi.ocroads.com.1023 > khan.sjhtca.com.shell: P 1:6(5) ack 1 win 46 <nop,nop,timestamp 348358235 81958271> 15:06:00.480942 IP khan.sjhtca.com.shell > sushi.ocroads.com.1023: . ack 6 win 5792 <nop,nop,timestamp 81958271 348358235> 15:06:00.481938 IP khan.sjhtca.com.33409 > sushi.ocroads.com.auth: S 3105739037:3105739037(0) win 5840 <mss 1460,sackOK,timestamp 81958271 0,nop,wscale 0> 15:06:00.481969 IP sushi.ocroads.com > khan.sjhtca.com: ICMP host sushi.ocroads.com unreachable - admin prohibited, length 68 15:06:00.485455 IP khan.sjhtca.com.1023 > sushi.ocroads.com.1022: S 3115029742:3115029742(0) win 5840 <mss 1460,sackOK,timestamp 81958271 0,nop,wscale 0> 15:06:00.485527 IP sushi.ocroads.com > khan.sjhtca.com: ICMP host sushi.ocroads.com unreachable - admin prohibited, length 68
If I start from khan, I get this:
[mrichter@khan mrichter]$ rsh sushi ls sushi: No route to host [mrichter@khan mrichter]$ rsh sushi sushi: No route to host
What's strange (to me) about this is that I can ping and ssh to sushi from khan, and the resolv.conf on khan contains the line "search ocroads.com" which is where sushi is located (sushi = sushi.ocroads.com, khan = khan.sjhtca.com), so I'm not clear on what /else/ needs to be set for this to work.
???
Thanks to all so far....
mhr