[CentOS] rsh/rlogin on CentOS4.2

James Pearson james-p at moving-picture.com
Thu Feb 2 17:35:57 UTC 2006


Scott Taylor wrote:
> Hello all,
> 
> I'm not quite sure what has changed in the recent rsh commands, but I
> can't seem to get around the password promting.  I need a clnk rsh between
> two machines in order to run my backup script.
> 
> I added all the usual .rhosts with the proper permissions et al added the
> xinetd.d confilg files, opened ports 543 and 544 in my firewall, yet when
> I use the rsh commands, I get either a password prompt or some Kerberos
> stuff that I don't use.
> 
> ie:
> rexec intrbase ls
> password:
> 
> and
> connect to address 192.168.99.211: Connection refused
> Trying krb4 rlogin...
> connect to address 192.168.99.211: Connection refused
> trying normal rlogin (/usr/bin/rlogin)
> Last login: Thu Feb  2 07:47:37 from spare
> 
> As you can see this is for an internal network, so I'm not freaked out
> about security here.
> 
> I can't seem to find anything in the help files about it.  How can I
> configure rsh to use the old, normal way of auth?
> 
> I'm using the latest CentOS4.2

If you don't use the Kerberos stuff, then remove it ... it's probably 
the krb5-workstation package - i.e.

rpm -e krb5-workstation

I don't know about rexec, but for rlogin and rsh:

Edit /etc/pam.d/rsh and change the line:

auth       required     pam_rhosts_auth.so

to:

auth       required     pam_rhosts_auth.so promiscuous

and edit /etc/pam.d/rlogin and change the line:

auth       sufficient   pam_rhosts_auth.so

to:

auth       sufficient   pam_rhosts_auth.so promiscuous


Make sure 'rsh' and 'rlogin' are listed in /etc/securetty

James Pearson



More information about the CentOS mailing list