Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!cwjcc!gatech!bloom-beacon!athena.mit.edu!jik From: jik@athena.mit.edu (Jonathan I. Kamens) Newsgroups: comp.unix.wizards Subject: Re: rsh/rcp/rlogin mystery -- help! Message-ID: <12176@bloom-beacon.MIT.EDU> Date: 23 Jun 89 22:50:39 GMT References: <20086@adm.BRL.MIL> Sender: daemon@bloom-beacon.MIT.EDU Reply-To: jik@athena.mit.edu (Jonathan I. Kamens) Organization: Massachusetts Institute of Technology Lines: 49 In article pinkas@hobbit.intel.com (Israel Pinkas ~) writes: >I am posting so that others might learn. I will send mail to Dan, as he >requested. This would make sense if your answer were correct, but, as far as I can tell, it is not. Feel free to correct me if I am wrong (I am, after all, feeling free to correct you :-). >In article <20086@adm.BRL.MIL> barrett@crabcake.cs.JHU.EDU writes: > >> The weird behavior is this: when I type "rsh myHost who" from my >> two workstation accounts, vs1 executes the command just fine, but vs2 says >> "Permission denied." Now before you say "Oh, that's OBVIOUS!", consider >> this: >> * BOTH vs1 and vs2 have their fully-qualified names, and all >> nicknames, in the following files on myHost: >> >> /etc/hosts.equiv >> /etc/hosts.lpd >> /etc/exports (for NFS) > > ... > >In your setup, having vs1 in the hosts.equiv on myhost doesn't help. What >would happen if I put the name of your machine in my hosts.equiv and su'ed >to barrett. I would then be able to connect to your account without a >password. The machine accepting the rlogin/rsh connection is the machine that gets to decide whether or not to trust the username without the password. Therefore, the .rhosts or hosts.equiv entry must appear on the machine accepting the connection, not the machine initiating it. I do not think you read the original question carefully -- in it, the person asking the question said that he was typing the rsh command *from* vs1 and vs2 *to* myHost. Therefore, myHost *is* the correct machine on which to place the hosts.equiv or .rhosts entries. I suspect you thought he was trying to do an rsh to vs1 and vs2 from myHost, in which case your answer would have been correct. I read his question the same way the first time and thought of the same answer, because it is worded a bit confusingly, but I went back and read it again and realized the error of my ways :-) Jonathan Kamens USnail: MIT Project Athena 432 S. Rose Blvd. jik@Athena.MIT.EDU Akron, OH 44320 Office: 617-253-4261 Home: 216-869-6432