[SLE] Getting rsh to work correctly
I need to do some one time maintenance on my SuSE machines. I will require root to rsh into another SuSE machine and get root privileges on the remote machine but NOT be prompted with a password. I cannot figure out how to configure rshd. It is my understanding giving in.rshd the correct switches within inetd.conf is all I need to change. It is my understanding that if the switching are correct, there is no need to configure all the different host files. Because I am only going to do this for a few hours and then disable rsh again, I want the absolute simplest solution. Does anyone know for a FACT how to configure in.rshd the way I need it? Sam -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
On Thu, 27 Apr 2000, Sam Carleton wrote:
I need to do some one time maintenance on my SuSE machines. I will require root to rsh into another SuSE machine and get root privileges on the remote machine but NOT be prompted with a password. I cannot figure out how to configure rshd. It is my understanding giving in.rshd the correct switches within inetd.conf is all I need to change.
/etc/rc.config: ROOT_LOGIN_REMOTE="yes" This will change the PAM settings to what you need. Works for me (6.2). ;-) -- ---J.T.U. /==================================================================\ | Jon Trygve Utne |e-mail: jont@ii.uib.no | | Department of Informatics | Jon.Utne@mi.uib.no | | University of Bergen, Norway | Jon.Utne@student.uib.no | | Tlf(work) +47 55 58 82 95 |"Smith & Wesson: The original| | URL: http://www.ii.uib.no/~jont | point and click interface" | \==================================================================/ -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
Jon Trygve Utne wrote:
On Thu, 27 Apr 2000, Sam Carleton wrote:
I need to do some one time maintenance on my SuSE machines. I will require root to rsh into another SuSE machine and get root privileges on the remote machine but NOT be prompted with a password. I cannot figure out how to configure rshd. It is my understanding giving in.rshd the correct switches within inetd.conf is all I need to change.
/etc/rc.config:
ROOT_LOGIN_REMOTE="yes"
This will change the PAM settings to what you need. Works for me (6.2). ;-)
YES, I can now get in WITH a password. I need it setup so that I am not prompted for a password. What change do I need to make for that? Sam -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
On Thu, 27 Apr 2000, Sam Carleton wrote:
YES, I can now get in WITH a password. I need it setup so that I am not prompted for a password. What change do I need to make for that?
Make a .shosts file (or .rhosts if you don't use ssh). `man rhosts` for more info. -- ---J.T.U. /==================================================================\ | Jon Trygve Utne |e-mail: jont@ii.uib.no | | Department of Informatics | Jon.Utne@mi.uib.no | | University of Bergen, Norway | Jon.Utne@student.uib.no | | Tlf(work) +47 55 58 82 95 |"Smith & Wesson: The original| | URL: http://www.ii.uib.no/~jont | point and click interface" | \==================================================================/ -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
On Thu, Apr 27, 2000 at 08:25:02AM -0400, Sam Carleton wrote: You must add in /etc/hosts.allow the name(s) of the computer(s) from which you want to connect.
Jon Trygve Utne wrote:
On Thu, 27 Apr 2000, Sam Carleton wrote:
I need to do some one time maintenance on my SuSE machines. I will require root to rsh into another SuSE machine and get root privileges on the remote machine but NOT be prompted with a password. I cannot figure out how to configure rshd. It is my understanding giving in.rshd the correct switches within inetd.conf is all I need to change.
/etc/rc.config:
ROOT_LOGIN_REMOTE="yes"
This will change the PAM settings to what you need. Works for me (6.2). ;-)
YES, I can now get in WITH a password. I need it setup so that I am not prompted for a password. What change do I need to make for that?
Sam
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
1. Edit /etc/inetd.conf, and add "h" at the end of the line, this is for enable ".rhosts" to the root user (be careful with security) hell stream tcp npwait root /usr/sbin/tcpd in.rshd -L 2. Tell inetd to "reload" it's configuration kill -HUP `ps aux | grep inetd | grep -v grep | awk '{ print $2}'` 3. Login as root, and create a .rhosts file, be sure to assign 600 permissions to .rhosts, and to check the changes made to this file. 4. Just invoke "rsh -l root <host> <commands> At least it worked for me on SuSE 6.0 (2.2.10) machine... - Nestor On Thu, 27 Apr 2000, Sam Carleton wrote:
I need to do some one time maintenance on my SuSE machines. I will require root to rsh into another SuSE machine and get root privileges on the remote machine but NOT be prompted with a password. I cannot figure out how to configure rshd. It is my understanding giving in.rshd the correct switches within inetd.conf is all I need to change.
It is my understanding that if the switching are correct, there is no need to configure all the different host files. Because I am only going to do this for a few hours and then disable rsh again, I want the absolute simplest solution.
Does anyone know for a FACT how to configure in.rshd the way I need it?
Sam
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
seems like i had to change "auth required /lib/security/pam_rhosts_auth.so" to "auth sufficent /lib/security/pam_rhosts_auth.so" in /etc/pam.d/rsh. i believe the -h is ignored nowadays with pam support. if your open to suggestions, i would strongly recommend using ssh instead. if you use RSA key authentication only, you can bypass the passwd's and still maintain fairly strong security. have fun...:) -- ======================================================================== Rocky McGaugh Atipa Linux Solutions Product Development www.atipa.com rocky@smluc.org rmcgaugh@atipa.com ======================================================================== On Thu, 27 Apr 2000, Sam Carleton wrote:
I need to do some one time maintenance on my SuSE machines. I will require root to rsh into another SuSE machine and get root privileges on the remote machine but NOT be prompted with a password. I cannot figure out how to configure rshd. It is my understanding giving in.rshd the correct switches within inetd.conf is all I need to change.
It is my understanding that if the switching are correct, there is no need to configure all the different host files. Because I am only going to do this for a few hours and then disable rsh again, I want the absolute simplest solution.
Does anyone know for a FACT how to configure in.rshd the way I need it?
Sam
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
participants (5)
-
Anonymous User
-
jont@ii.uib.no
-
mircea.andrei@wanadoo.fr
-
nruiz@essalud.sld.pe
-
rmcgaugh@atipa.com