Rsh works one direction

[Matt Alexander]

r.ford at cox.net wrote:
> Hi,
> I need some idea where to start looking next on this problem.
> I've tracked it down to an authentication problem.  But rsh did not work before I started using yp-nis for authentication.
> (oh, and please don't bother lecturing me on the security of rsh. thanks)
> I've got rsh working one direction...www -> frogger
> frogger won't rsh to www but it will rlogin after i provide a password.  rlogin goes to frogger without asking me for a password.
>
>        frogger->www   www->frogger
> rsh             yes   no, with list of trials and errs
> rlogin          yes   yes, with list of trials and errs, 
>                        and user-prompt for password.
>
> Here is the rlogin from www->frogger:
> www ~]$ rlogin frogger
> connect to address 192.168.0.90: Connection refused
> Trying krb4 rlogin...
> connect to address 192.168.0.90: Connection refused
> trying normal rlogin (/usr/bin/rlogin)
> Password: 
> Last login: Sat Dec 31 09:56:44 from www
> frogger ~]$ 
>
> Here is the rsh from www->frogger:
> www ~]$ rsh frogger ls
> connect to address 192.168.0.90: Connection refused
> Trying krb4 rsh...
> connect to address 192.168.0.90: Connection refused
> trying normal rsh (/usr/bin/rsh)
> Permission denied.
> www ~]$
>
>
>   

Some things to verify before troubleshooting further...

.rhosts for each user has the IP of the connecting box.
/etc/securetty has an entry for rsh (and also rlogin and rexec, if needed)
The rsh-server package is installed.
rsh is enabled under xinetd and xinetd is running.

You might also want to change your path so /usr/bin/rsh is called before 
the kerberized version to avoid the kerberos errors.
~M