[CentOS] rsh/rlogin on CentOS4.2

Thu Feb 2 17:35:57 UTC 2006
James Pearson <james-p at moving-picture.com>

Scott Taylor wrote:
> Hello all,
> I'm not quite sure what has changed in the recent rsh commands, but I
> can't seem to get around the password promting.  I need a clnk rsh between
> two machines in order to run my backup script.
> I added all the usual .rhosts with the proper permissions et al added the
> xinetd.d confilg files, opened ports 543 and 544 in my firewall, yet when
> I use the rsh commands, I get either a password prompt or some Kerberos
> stuff that I don't use.
> ie:
> rexec intrbase ls
> password:
> and
> connect to address Connection refused
> Trying krb4 rlogin...
> connect to address Connection refused
> trying normal rlogin (/usr/bin/rlogin)
> Last login: Thu Feb  2 07:47:37 from spare
> As you can see this is for an internal network, so I'm not freaked out
> about security here.
> I can't seem to find anything in the help files about it.  How can I
> configure rsh to use the old, normal way of auth?
> I'm using the latest CentOS4.2

If you don't use the Kerberos stuff, then remove it ... it's probably 
the krb5-workstation package - i.e.

rpm -e krb5-workstation

I don't know about rexec, but for rlogin and rsh:

Edit /etc/pam.d/rsh and change the line:

auth       required     pam_rhosts_auth.so


auth       required     pam_rhosts_auth.so promiscuous

and edit /etc/pam.d/rlogin and change the line:

auth       sufficient   pam_rhosts_auth.so


auth       sufficient   pam_rhosts_auth.so promiscuous

Make sure 'rsh' and 'rlogin' are listed in /etc/securetty

James Pearson