In message <B0184329514_at_mercury.ll.net>, supraexpress_at_globaleyes.net writes: > Sep 14 17:46:52 <local7.notice> target logger: TCP_Wrappers ALLOW: source/tar > get,rshd,974,rshd_at_target > Sep 14 17:46:52 <auth.info> target inetd[974]: connection from source, servic > e rshd (tcp) > Sep 14 17:46:52 <auth.info> target rshd[974]: root_at_source as root: permission > denied (authentication error). cmd='date' > > /root/.rhosts (600): "source root" > > /etc/pam.d/rsh: not changed > > /etc/inetd.conf: > shell stream tcp nowait root /usr/libexec/rshd rshd -L > > /etc/hosts: both "source" and "target" are defined > > /etc/named/s/: both "source" and "target" are defined > > 5.1-CURRENT: Wednesday, 20 August 2003 20:36:05 > > > Under FBSD-4.8, this is not a problem. Under FBSD-5.1, nothing I do > seems to allow rsh from another LAN host. > > A TCPDUMP of the rsh session shows "root.root.<command>" coming from > "source" and then "permission denied" coming from "target", where the > TCPDUMP is running. The "source" host displays: "rshd: Login > incorrect.". RSH from "target" to "source" works just fine?!? A picture is worth a thousand words. (No worries folks, this is in my internal network here at home. Professionally I use SSH and Kerberos rsh.) --- /usr/src/etc/pam.d/rsh Sun Feb 9 16:50:03 2003 +++ /etc/pam.d/rsh Mon Jun 16 15:20:00 2003 _at__at_ -6,7 +6,7 _at__at_ # auth auth required pam_nologin.so no_warn -auth required pam_rhosts.so no_warn +auth required pam_rhosts.so no_warn allow_root # account account required pam_unix.so Cheers, -- Cy Schubert <Cy.Schubert_at_komquats.com> http://www.komquats.com/ BC Government . FreeBSD UNIX Cy.Schubert_at_osg.gov.bc.ca . cy_at_FreeBSD.org http://www.gov.bc.ca/ . http://www.FreeBSD.org/Received on Sun Sep 14 2003 - 16:41:05 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:22 UTC