"rcp" not working.
Hi everyone,
I'm strucked in an aweful situation here about which I need an urgent help. Therefore, i'd say THANKS in advance to all of those who intend to reply.
The problem is, earlier when we were working on Solaris 8, to create a 'trusted remote user', all we had to do was:
(1) make an entry corrosponding to the remote system's hostname in the /etc/hosts file (to resolve the IP address)
(2) make an entry in '.rhosts' file regarding each trusted user-name existing on the remote host.
This worked perfectly fine and I was able to do "rcp" between the trusted nodes. Also, "rsh" to the same system was working fine and didn't asked for any passwords as I made an entry for all the user-names along with the current hostname.
But now, we moved on to Solaris 10. Following the same procedure gives a "permission denied" error for "rcp" and while "rsh" to the same host, it asks for the password, which is undesirable..
After a little effort I came to know that in Solaris 10, two new files - /etc/inet/hosts and /etc/inet/ipnodes are used to resolve the IP addresses of the hostnames. Now, to deal with this, we thought of two approaches -
(a) Either modify our earlier scripts to make the changes in the new files
(b) Or, make /etc/inet/hosts and /etc/inet/ipnodes as softlinks to the file /etc/hosts.
We followed the second approach and we are now traped in a wierd situation. The "rcp" is not working at all... I tried restoring the orignal 'inet/hosts' and 'ipnodes' files. It didn't work. We even added the "+ +" entry in the .rhosts file.. but that too didn't work.
Can somebody please explain why this is happening and suggest a workaround for this problem.
I guess, i've been very clear in explaining my problem. If the need be, you can ask for more details...
Any help will be greatly appreciated.
Thanks,
Raj.
[1935 byte] By [
rmohnani] at [2007-11-26 11:07:43]
# 1
It would be fairly sufficient to link /etc/inet/ipnodes to /etc/inet/hosts.
One thing to keep in mind is also that /etc/hosts is by default a link to /etc/inet/hosts .
Having said that, what happens when you tries to rcp/rsh to the host?
Also, whats the contents of your /etc/hosts and your /.rhosts
.7/M.
# 2
Hi Abrante,
I know that in Solaris 10, "/etc/hosts" and "/etc/inet/ipnodes" should be links to "/etc/inet/hosts".
Actually, I'm using some scripts which set up a couple of Solaris machines into trust lists of one another for all the user-names [this script sets up "/etc/hosts" and ".rhosts" files]. And then to copy files and directories between the system, i'm using a wrapper script which uses "rcp" to transfer the data and "rsh" to execute commands on the remote hosts. This wrapper script is a single interface to do things within the same hosts also. I mean, if we have to copy files within the same system, then also that script is used.
Now, when we moved on to Solaris 10, the "rsh" within the same system stopped working.. i.e. the command - > rsh `hostname` - stopped working. I found out that in Solaris 10, /etc/inet/hosts do all the things and /etc/hosts is just a symbolic link to that file. But to keep my existing scripts working, I rather made "/etc/inet/hosts" a symbolic link to "/etc/hosts".
This blew up the whole thing... Now i can't even do a "rcp" from the system even if I have a "+ +" entry in my ".rhosts" file..
Contents in /etc/hosts ::--
127.0.0.1 localhost loghost
172.23.26.127iws127 iws127.com
contents in .rhosts ::--
iws127 root
iws127.com root
My system's IP is "172.23.26.127" as I've removed the association from the other systems. I guess with the current state, commands like
-> rcp /space/abc.txt 172.23.26.127:/tmp/abc.txt
-> rsh iws127
should work..
Please Help...!! Its really getting on my nerves now...
Thanks,
Raj.
# 3
Whats the status of the service if you run:svcs network/shell:defaultAlso, if you login to the machine and run "finger", what do you see in the "where" column? .7/M.
# 4
If "+ +" didn't work, then I suspect the problem has nothing to do with your /etc/hosts entries since that disables security. You might try disabling system wide security by adding "+ +" to /etc/hosts.equiv to prove this. If that works then I think there is either a problem with the location or permissions of your .rhosts, or some other authentication is in play, like pam.conf.
# 5
> Now, when we moved on to Solaris 10, the "rsh" within
> the same system stopped working.. i.e. the command -
> > rsh `hostname` - stopped working.
'stopped working' isn't very helpful. Does it hang? Does it prompt for a password? Does it give error output?
> I found out that
> in Solaris 10, /etc/inet/hosts do all the things and
> /etc/hosts is just a symbolic link to that file. But
> to keep my existing scripts working, I rather made
> "/etc/inet/hosts" a symbolic link to "/etc/hosts".
Perhaps you're confused. /etc/hosts has been a symbolic link to /etc/inet/hosts for a long time. This hasn't changed with Solaris 10 at all. The only thing that changed with Solaris 10 is that the local hostname and address were added by default to /etc/inet/ipnodes. In previous versions, that file contained only a localhost entry.
> This blew up the whole thing... Now i can't even do a
> "rcp" from the system even if I have a "+ +" entry in
> my ".rhosts" file..
What happens when you try to do that?
> Contents in /etc/hosts ::--
> 127.0.0.1 localhost loghost
> 172.23.26.127iws127 iws127.com
>
> contents in .rhosts ::--
> iws127 root
> iws127.com root
These are the files on the server you're trying to reach, yes?
Can you log into that server at all (even with a password)? If you do that from your intended client and do a 'who' or a 'finger', does the correct name appear as the login host?
Is this any particular release of Solaris 10? (update 2?)
--
Darren
# 6
Hello,
Did tcp wrapper is configured on your machine. Check for the file /etc/hosts.deny. Did you see any entries like this in that file;
# See 'man tcpd' and 'man hosts_access' for a detailed description
# of /etc/hosts.allow and /etc/hosts.deny.
#
in.rshd in.rlogind in.rexecd: ALL
If this is the case, you will not able to execute any r-commands. Remove those entries and try again.
HTH,
Prabu.S
# 7
Hi,
I have similar problem on Solaris 10 x86. I found that with line like
"++" in .rhosts it works fine. If I create line like "hostname username" it does not work for command format
rsh user@host command.
but lets login(asking password) and work for
rsh user@host.
Consequently, this problem somewhere in security tunings. Where I have to look for?
# 8
as previously suggested use login supplying the asked for passwd.
then type "who am i"
eg
rlogin enoexec.uk
enoexec ksh: who am i
timupts/171Feb 26 19:49(vpn-129-150-121-43.UK.Sun.COM)
enoexec ksh:
so I need to put this in ~/.rhosts ( making sure its mode 600)
vpn-129-150-121-43.UK.Sun.COM timu
have a go and report back.
tim
