New twist on perennial rlogin/rcp/rsh problems

From: Bob Hepple (bhepple_at_freeshell.org)
Date: 10/13/03


Date: 12 Oct 2003 22:25:28 -0700

This is driving me nuts but it's sufficiently different to every other
posting on this topic that I felt I would be justified in posting (and
hopeful of answers!). It's the old "I can't log in with rlogin"
question but with several twists on the hoary old lament...

I have an NIS domain served by a linux machine which is configured
with md5 passwords. NIS works fine and on the HP-UX box (uname says:
  HP-UX ita B.11.22 U ia64 1710032554 unlimited-user license

- it's a new Itanium zx2000 workstation), "ypcat passwd" and getpw
return sensible responses.

Of course, the HP can't do md5 password authentication (or can it?)
against the user/password pairs sent by NIS, so I wanted to establish
a trusted network (this thing is behind a firewall) with rlogin, rcp
and rsh so that I can move files around and log in without giving a
password. Fair 'nuff, I would have thought. As usual, I created
/etc/hosts.equiv listing my trusted clients and tried to use it.

rcp and rsh work fine. No password is needed and I can transfer files
around and remote execute the usual things like "rsh ita date".

But I can't log in - I get:

{bhepple@curry:hp/}:564$ rlogin ita
Password:
Login incorrect

and the following in /var/adm/syslog/syslog:

Oct 13 15:02:55 ita rlogind[8192]: User account "bhepple" is disabled.

The user "bhepple" is provided by NIS - it looks like HP-UX is trying
to authenticate against the md5 checksum and failing. The question is
"why does it try the password when I have /etc/hosts.equiv" set up
correctly? rcp and rsh work. Surely it should not be crunching
passwords at all.

Sundry facts:

A local user (i.e., one not authenticated by NIS) can rlogin in fine
(and do rcp/rsh)

There are no /usr/adm/inetd.sec or /etc/securetty files.

I tried a simple "+" in the /etc/passwd file instead of the
"+:*:-2:-2::/:" which was installed by default. Neither worked.

I can "rlogin -l root ita" and then "su - bhepple" and I see the
proper (auto-mounted) home directory. This is a workaround, lets me
work and confirms that the auto-mounter and NFS are working - but I'd
really like to be able to avoid the passwords.

If I create a local user on the HP-UX system with the same uid & gid &
home directories I can log in without password - but rcp and rsh fail!
Also I can't change the new local user's password on the HP-UX box.

I tried a .rhosts file too.

/etc/hosts.equiv contains hostname and hostname.domainname as well as
IP number, just to catch all possibilities.

Any ideas?

Thanks

Bob


