Scott Taylor wrote:
> Hello all,
>
> I'm not quite sure what has changed in the recent rsh commands, but I
> can't seem to get around the password promting. I need a clnk rsh between
> two machines in order to run my backup script.
>
> I added all the usual .rhosts with the proper permissions et al added the
> xinetd.d confilg files, opened ports 543 and 544 in my firewall, yet when
> I use the rsh commands, I get either a password prompt or some Kerberos
> stuff that I don't use.
>
> ie:
> rexec intrbase ls
> password:
>
> and
> connect to address 192.168.99.211: Connection refused
> Trying krb4 rlogin...
> connect to address 192.168.99.211: Connection refused
> trying normal rlogin (/usr/bin/rlogin)
> Last login: Thu Feb 2 07:47:37 from spare
>
> As you can see this is for an internal network, so I'm not freaked out
> about security here.
>
> I can't seem to find anything in the help files about it. How can I
> configure rsh to use the old, normal way of auth?
>
> I'm using the latest CentOS4.2
If you don't use the Kerberos stuff, then remove it ... it's probably
the krb5-workstation package - i.e.
rpm -e krb5-workstation
I don't know about rexec, but for rlogin and rsh:
Edit /etc/pam.d/rsh and change the line:
auth required pam_rhosts_auth.so
to:
auth required pam_rhosts_auth.so promiscuous
and edit /etc/pam.d/rlogin and change the line:
auth sufficient pam_rhosts_auth.so
to:
auth sufficient pam_rhosts_auth.so promiscuous
Make sure 'rsh' and 'rlogin' are listed in /etc/securetty
James Pearson
