remsh problem
David L. Harfst
client does a "remsh" to the server.
I've set up a .rhost file for the user on a server.
I can do "rlogin" and "rcp", however "remsh" and
"rexec" report "connection Error 0" on the client,
and the syslog on the server reports,
"connect second port: Connection refused"
Both the client and the server are HP-UX 10.20.
Reading the man page for remsh and remshd, I see that
a second connection is made for stderr, and I suppose
that is what it is having trouble with.
Then network connection is not direct, that is, I have
the server inside a firewall that is doing NAT. I do
have the security set on the firewall such that it should
be allowing access to all ports on the server from my
client.
The client is connected to a NetGear network modem, which
is dialing to a DHCP based Internet account, and is also
doing NAT.
The firewall logs do not show anything that is being
filtered between the client and the server.
I've never run into a situation where rlogin and rcp
work, and remsh does not.
Any insights?
I realize that this is riddled with security problems,
but right now I'm just trying to prove whether or not
the application will work remotely, and I'll work out
the security details after. In reality, the client
will be behind another firewall in a remote office,
with a VPN link between the two.
--
David L. Harfst Computerized Medical Systems
Senior Systems Engineer St. Louis, Missouri
mailto:har...@cms-stl.com http://www.cms-stl.com
Tom Hoffmann
<har...@cms-stl.com> wrote:
> I've never run into a situation where rlogin and rcp work, and remsh
> does not.
I have. Generally this is related to an improperly set up .rhosts file.
That is, the host name is not fully qualified. I had this same problem
recently trying to set up remsh between a HPUX and AIX boxes.
A full-proof method I have long used is:
1) rlogin to the target host (the one you want to remsh *to*)
2) issue a tty command
3) use the output of the tty command in 'who -R | grep tty'
4) set up the host name in the .rhosts file on the source server
*exactly* as it appears in the output from step 3.
Can I assume that the permissions on the target .rhost file are
properly set ... usually 0600?
David L. Harfst
>
> In article <3AE70A06...@cms-stl.com>, "David L. Harfst"
> <har...@cms-stl.com> wrote:
>
> > I've never run into a situation where rlogin and rcp work, and remsh
> > does not.
>
> I have. Generally this is related to an improperly set up .rhosts file.
> That is, the host name is not fully qualified. I had this same problem
> recently trying to set up remsh between a HPUX and AIX boxes.
>
> A full-proof method I have long used is:
>
> 1) rlogin to the target host (the one you want to remsh *to*)
> 2) issue a tty command
> 3) use the output of the tty command in 'who -R | grep tty'
> 4) set up the host name in the .rhosts file on the source server
> *exactly* as it appears in the output from step 3.
>
No luck. Same result.
Richard Cleary
"r" commands with an alias I had to use the hostname as it appeared in
/etc/host or the name servers file. If you haven't already tried it use the
IP address. Also make sure the alias and hostname are both in the .rhost
file.
Martin Jost
>
> I seem to remember I had similar problem. I was unable to use some of the
> "r" commands with an alias I had to use the hostname as it appeared in
> /etc/host or the name servers file. If you haven't already tried it use the
> IP address. Also make sure the alias and hostname are both in the .rhost
> file.
And also check if
nslookup HOSTNAME
and
nslookup IP-ADRESS
match for both client and sever.
I once had _two_ _seperate_ entries for one of our PCs in NIS.
(Sys-Admin-Brain-Damage on my part..)
This made interesting things happen, when we tried PC-NFS from this
machine....
[Reverse lookup yielded "wrong" results]
HTH
Martin