Hi. As root, I'm running rsh as root from a Solaris 9 machine to some RHEL 4 servers (supposedly all configured identically) but two of about 10 respond with permission denied. There is no firewall device between the Solaris 9 client and the RHEL servers.
I'm doing something like this from the client:
foreach ff ($servers)
rsh $ff uname -n
end
svr1
svr2
Permission denied.
Permission denied.
svr5
svr6
I've been comparing the setup on the RHEL servers but can't figure out where the problem might exist on the 2 oddball servers. I checked /.rhosts, /etc/hosts, nsswitch.conf, /etc/pam.d/rsh, /etc/xinet.d/rsh and they're the same.
In the messages file, I see
Feb 17 16:23:55 svr3 pam_rhosts_auth[15081]: denied to root@s9clnt as root: access not allowed
Feb 17 16:23:55 svr3 in.rshd[15081]: rsh denied to root@s9clnt as root: Permission denied.
Feb 17 16:23:55 svr3 in.rshd[15081]: rsh command was 'uname -n'
However, the /etc/pam.d/rsh file has the following entries (same as servers allowing rsh from the Solaris 9 client):
#%PAM-1.0
# For root login to succeed here with pam_securetty, "rsh" must be
# listed in /etc/securetty.
auth sufficient pam_nologin.so
auth optional pam_securetty.so
auth sufficient pam_env.so
auth sufficient pam_rhosts_auth.so
account sufficient pam_stack.so service=system-auth
session sufficient pam_stack.so service=system-auth
I'm not a RHEL expert so would appreciate any suggestions.