rsh gives "insufficient credentials"

From: Nicole Skyrca (nskyrca@syr.edu)
Date: Mon Nov 10 2003 - 17:34:43 EST

• Next message: Noah Yan: "Summary: Problem in L9 Autoloader connecting to Sun Enterprise E420R"
• Previous message: tim guinn: "apcupsd on e250/sol8 - tty error"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hello,
I have a user who is trying to use rsh to execute a command on a remote
machine, but when he does he gets the error "insufficient credentials". The
user has "+ username" in his .rhosts file. The command they are running from
machine A to B is "rsh -l username B ls".

I found something on the web saying that for this to work, the /etc/pam.conf
entries for rsh should be like the following, but when I use these settings, I
am no longer able to "su" to root. It just says "su: Sorry".
I've also tried using the "pam_unix.so.1" module, but no luck.

rsh auth sufficient /usr/lib/security/$ISA/pam_rhosts_auth.so.1
rsh auth required /usr/lib/security/$ISA/pam_unix_auth.so.1

The local machine (A) is runnig Solaris 8 HW 5/03, and has patch 108993-26.
The remote machine (B) is running
Solaris 8 HW 5/03 with patch 108993-22 installed.

The "authentication management" portion of the /etc/pam.conf for machine A
is:

# Authentication management
#
login auth required /usr/lib/security/$ISA/pam_unix.so.1
login auth required /usr/lib/security/$ISA/pam_dial_auth.so.1
#
rlogin auth sufficient /usr/lib/security/$ISA/pam_rhosts_auth.so.1
rlogin auth required /usr/lib/security/$ISA/pam_unix.so.1
#
dtlogin auth required /usr/lib/security/$ISA/pam_unix.so.1
#
rsh auth required /usr/lib/security/$ISA/pam_rhosts_auth.so.1
other auth required /usr/lib/security/$ISA/pam_unix.so.1

The "authentication management" portion of the /etc/pam.conf for machine B
is:

# Authentication management
#
login auth required /usr/lib/security/$ISA/pam_unix.so.1
login auth required /usr/lib/security/$ISA/pam_dial_auth.so.1
#
rlogin auth sufficient /usr/lib/security/$ISA/pam_rhosts_auth.so.1
rlogin auth required /usr/lib/security/$ISA/pam_unix.so.1
#
dtlogin auth required /usr/lib/security/$ISA/pam_unix.so.1
#
rsh auth required /usr/lib/security/$ISA/pam_rhosts_auth.so.1
other auth required /usr/lib/security/$ISA/pam_unix.so.1

How could I fix this problem?

Thanks!
Nicole

Nicole Skyrca
Syracuse University
Computing and Media Services
Machinery Hall
315-443-5310
nskyrca@syr.edu
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers

• Next message: Noah Yan: "Summary: Problem in L9 Autoloader connecting to Sun Enterprise E420R"
• Previous message: tim guinn: "apcupsd on e250/sol8 - tty error"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:27:27 EDT