[CentOS] rsh problems in CentOS 5.2 (was "cvs command failure on 5.2")

[MHR]

On Mon, Jul 7, 2008 at 1:59 PM, Stephen Harris <lists at spuddy.org> wrote:
> On Mon, Jul 07, 2008 at 01:45:25PM -0700, MHR wrote:
>
> Are you sure there are no firewalls in place that could be blocking access?
> Note that "rsh machine" really calls "rlogin machine" and so talks on
> a different port (port 513) whereas "rsh machine command" uses port 514.
>
> You should tcpdump the traffic while trying to do an rsh to see what is
> going on.
>

That helps some - I got a lot of data (duh), but the key piece, I
think, was this:

15:06:00.480483 IP sushi.ocroads.com.1023 > khan.sjhtca.com.shell: .
ack 1 win 46 <nop,nop,timestamp 348358235 81958271>
15:06:00.480735 IP sushi.ocroads.com.1023 > khan.sjhtca.com.shell: P
1:6(5) ack 1 win 46 <nop,nop,timestamp 348358235 81958271>
15:06:00.480942 IP khan.sjhtca.com.shell > sushi.ocroads.com.1023: .
ack 6 win 5792 <nop,nop,timestamp 81958271 348358235>
15:06:00.481938 IP khan.sjhtca.com.33409 > sushi.ocroads.com.auth: S
3105739037:3105739037(0) win 5840 <mss 1460,sackOK,timestamp 81958271
0,nop,wscale 0>
15:06:00.481969 IP sushi.ocroads.com > khan.sjhtca.com: ICMP host
sushi.ocroads.com unreachable - admin prohibited, length 68
15:06:00.485455 IP khan.sjhtca.com.1023 > sushi.ocroads.com.1022: S
3115029742:3115029742(0) win 5840 <mss 1460,sackOK,timestamp 81958271
0,nop,wscale 0>
15:06:00.485527 IP sushi.ocroads.com > khan.sjhtca.com: ICMP host
sushi.ocroads.com unreachable - admin prohibited, length 68

If I start from khan, I get this:

[mrichter at khan mrichter]$ rsh sushi ls
sushi: No route to host
[mrichter at khan mrichter]$ rsh sushi
sushi: No route to host

What's strange (to me) about this is that I can ping and ssh to sushi
from khan, and the resolv.conf on khan contains the line "search
ocroads.com" which is where sushi is located (sushi =
sushi.ocroads.com, khan = khan.sjhtca.com), so I'm not clear on what
/else/ needs to be set for this to work.

???

Thanks to all so far....

mhr