rsh denied on some boxes but not others

th1amigo · February 17, 2010, 5:04pm

Hi. As root, I'm running rsh as root from a Solaris 9 machine to some RHEL 4 servers (supposedly all configured identically) but two of about 10 respond with permission denied. There is no firewall device between the Solaris 9 client and the RHEL servers.

I'm doing something like this from the client:

foreach ff ($servers)
rsh $ff uname -n
end

svr1
svr2
Permission denied.
Permission denied.
svr5
svr6

I've been comparing the setup on the RHEL servers but can't figure out where the problem might exist on the 2 oddball servers. I checked /.rhosts, /etc/hosts, nsswitch.conf, /etc/pam.d/rsh, /etc/xinet.d/rsh and they're the same.

In the messages file, I see

Feb 17 16:23:55 svr3 pam_rhosts_auth[15081]: denied to root@s9clnt as root: access not allowed
Feb 17 16:23:55 svr3 in.rshd[15081]: rsh denied to root@s9clnt as root: Permission denied. 
Feb 17 16:23:55 svr3 in.rshd[15081]: rsh command was 'uname -n'

However, the /etc/pam.d/rsh file has the following entries (same as servers allowing rsh from the Solaris 9 client):

#%PAM-1.0
# For root login to succeed here with pam_securetty, "rsh" must be
# listed in /etc/securetty.
auth       sufficient   pam_nologin.so
auth       optional     pam_securetty.so
auth       sufficient   pam_env.so
auth       sufficient   pam_rhosts_auth.so
account    sufficient   pam_stack.so service=system-auth
session    sufficient   pam_stack.so service=system-auth

I'm not a RHEL expert so would appreciate any suggestions.

Eronysis · February 19, 2010, 12:29pm

Is rsh listed in /etc/securetty ?

th1amigo · February 23, 2010, 3:17pm

Here's the deal. There are three RHEL 4 servers I cannot rsh into as root. One already has rsh in /etc/securetty. The other two didn't so I added rsh to it. Made no difference. Do I have to restart some service?

On the other hand, there's a 4th server I can rsh into as root but it does NOT have rsh in /etc/securetty.

All 4 servers have the same /.rhosts file with the entry in /etc/hosts and the same nsswitch.conf. They also have the same /etc/pam.d/rsh file.

Don't understand. Any suggestions? Thanks.

methyl · February 23, 2010, 8:27pm

Name resolution?
Try this on source and all destination computers.

nslookup ip_address

To make this easy. When "nslookup" is run on both source and destination computers the command should respond with a name ... and give exactly the same name as is quoted in /.rhosts.
Each IP address would normally appear only once in /etc/hosts and have only one name. (I know that there are exceptions).

A .rhosts should be permissions 600 and owned by "root" or it will be ignored.

Afterthought. Check that root's home directory is actually "/" on every server. Often is is "/root" .

th1amigo · February 24, 2010, 10:20am

Thanks methyl! Your afterthought was right on the money.
All my servers have /root as the home directory for root and the ones that weren't allowing rsh access didn't have .rhosts under /root - they were under /. I copied .rhosts to /root and they now all allow root rsh access.