Re: Debugging rsh

To: debian-user@lists.debian.org
Subject: Re: Debugging rsh
From: David Z Maze <dmaze@debian.org>
Date: Wed, 21 Jan 2004 10:55:19 -0500
Message-id: <[🔎] 87brox47q0.fsf@everett.mit.edu>
In-reply-to: <[🔎] 3E18AE8A-48E2-11D8-8986-000A95C71776@freezone.co.uk> (ms's message of "Sat, 17 Jan 2004 03:42:34 -0800")
References: <[🔎] 3E18AE8A-48E2-11D8-8986-000A95C71776@freezone.co.uk>

ms419@freezone.co.uk writes:

> I am trying to rsh to my server. I am using kerberos authentication. I
> believe I have configured everything correctly, but rsh simply
> complains: "hostname: Connection refused".

That message generally implies that nothing at all is listening for an
rsh server, at least on the port the rsh client expects.

> I checked my "inetd.conf".

What did you find?  Peeking in /etc/services, it looks like krsh is
probably running on the 'kshell' port (TCP port 544), not the normal
'shell' port (TCP port 514), so you might check that you have an rshd
configured to listen on the right port.

Also, there's the usual checks for Kerberized services: do you have a
TGT?  If you do, do you get a service ticket (for krb5,
host/remote.host.name; for krb4, rcmd.remote.host.name)?  (I'd guess
"yes" and "no" from the symptom, but it can't hurt to check.)  Which
rsh server are you actually using?

I think even around here, the standard for remote shell access is
moving to ssh over Kerberized rsh and friends.  You can configure ssh
to do Kerberos authentication, and tunnel arbitrary things (including
X programs) over the ssh connection.

-- 
David Maze         dmaze@debian.org      http://people.debian.org/~dmaze/
   MIT Athena Frequently Asked Question #578: "Why can't I use RSA
           authentication to connecto the dialup servers?"

Reply to:

References:
- Debugging rsh
  - From: ms419@freezone.co.uk

Prev by Date: Re: Release Management and Configuration Support
Next by Date: Error w. USB device (under 2.6)
Previous by thread: Re: Debugging rsh
Next by thread: Re:Tuning X
Index(es):
- Date
- Thread