Problem with rsh .. Not able to execute remote server script .. Please help

From: manoj ghag (manojghag@rediffmail.com)
Date: Thu Jun 10 2004 - 11:22:08 EDT

• Next message: John.B.Kelly: "Ultra 2 Hanging Intermittently"
• Previous message: Peter Stokes: "Info on user auth Samba on Sol 2.6 with Windows 2003?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

  
Hi, Managers

I am facing a quite tricky problem in rsh ( I am not able to
execute remote user command from rsh prompt)

Note :- Following problem
happend after loading the patch 108993-36 ( before that it was happening
properly) IS it somthing related to /etc/pam.conf ??

Because with new pam
file it was not allowing me to login on GUI .. so I replaced new ( patched )
/etc/pam.conf with my old file and it started fine ..... Can u please help me
in following issue

see I have two sun servers sun1 and sun2. and I am
trying to have a rsh running or available for orcl10g user

With rsh I am able
to login from sun1 to sun2 and sun2 to sun1

bash-2.03$ rsh sun2
Last
login: Thu Jun 10 19:02:59 from sun1
Sun Microsystems Inc. SunOS 5.8
Generic Patch October 2001
$ exit

But if I try to run remote command

it
is possible to run command from sun1 to sun2

bash-2.03$ rsh sun2 date
Thu
Jun 10 20:22:38 GMT 2004

But in case of sun2 to sun1 it is not possible
-------------------------------------------
bash-2.03$ rsh sun1 date
Insufficent credentials.
-------------------------------------------
------------------
sun1
----------------
bash-2.03$ hostname
sun1

bash-2.03$
cat .rhosts
sun1 orcl10g
sun2 orcl10g

bash-2.03$ cat /etc/hosts.equiv
sun1
orcl10g
sun2 orcl10g

bash-2.03$ rsh sun2 date
Thu Jun 10 20:22:38 GMT 2004
----------------
sun2
----------------
bash-2.03$ hostname
sun2
bash-2.03$ cat
.rhosts
sun1 orcl10g
sun2 orcl10g
bash-2.03$ cat /etc/hosts.equiv
sun1 orcl10g
sun2 orcl10g

bash-2.03$ rsh sun1 date
Insufficent credentials.
-----------------
Instllation Log
-----------------

    NOTICE: The following
file is being changed by this patch:

                /etc/pam.conf

    A
copy of the previous version has been saved under the name:
/etc/pam.conf.pre108993-36

Patch number 108993-36 has been successfully
installed.
See /var/sadm/patch/108993-36/log for details
---------------Before Installing Patch ----------
bash-2.03$ cat /etc/pam.conf
-------------------------------------------------

bash-2.03$ cat
/etc/pam.conf.pre108993-36
#
#ident "@(#)pam.conf 1.16 01/01/24 SMI"
#
#
Copyright (c) 1996-2000 by Sun Microsystems, Inc.
# All rights reserved.
#
#
PAM configuration
#
# Authentication management
#
login auth required
/usr/lib/security/$ISA/pam_unix.so.1
login auth required
/usr/lib/security/$ISA/pam_dial_auth.so.1
#
rlogin auth sufficient
/usr/lib/security/$ISA/pam_rhosts_auth.so.1
rlogin auth required
/usr/lib/security/$ISA/pam_unix.so.1
#
dtlogin auth required
/usr/lib/security/$ISA/pam_unix.so.1
#
rsh auth required
/usr/lib/security/$ISA/pam_rhosts_auth.so.1
other auth required
/usr/lib/security/$ISA/pam_unix.so.1
#
# Account management
#
login account
requisite /usr/lib/security/$ISA/pam_roles.so.1
login account required
/usr/lib/security/$ISA/pam_projects.so.1
login account required
/usr/lib/security/$ISA/pam_unix.so.1
#
dtlogin account requisite
/usr/lib/security/$ISA/pam_roles.so.1
dtlogin account required
/usr/lib/security/$ISA/pam_projects.so.1
dtlogin account required
/usr/lib/security/$ISA/pam_unix.so.1
#
other account requisite
/usr/lib/security/$ISA/pam_roles.so.1
other account required
/usr/lib/security/$ISA/pam_projects.so.1
other account required
/usr/lib/security/$ISA/pam_unix.so.1
#
# Session management
#
other session
required /usr/lib/security/$ISA/pam_unix.so.1
#
# Password management
#
other password required /usr/lib/security/$ISA/pam_unix.so.1
dtsession
auth required /usr/lib/security/$ISA/pam_unix.so.1
#
# Support for Kerberos V5
authentication (uncomment to use Kerberos)
#
#rlogin auth optional
/usr/lib/security/$ISA/pam_krb5.so.1 try_first_pass
#login auth optional
/usr/lib/security/$ISA/pam_krb5.so.1 try_first_pass
#dtlogin auth
optional /usr/lib/security/$ISA/pam_krb5.so.1 try_first_pass
#other auth
optional /usr/lib/security/$ISA/pam_krb5.so.1 try_first_pass
#dtlogin
account optional /usr/lib/security/$ISA/pam_krb5.so.1
#other account optional
/usr/lib/security/$ISA/pam_krb5.so.1
#other session optional
/usr/lib/security/$ISA/pam_krb5.so.1
#other password optional
/usr/lib/security/$ISA/pam_krb5.so.1 try_first_pass
#
# Support for Solaris
PPP (sppp)
ppp auth required
/usr/lib/security/$ISA/pam_unix.so.1
ppp auth required
/usr/lib/security/$ISA/pam_dial_auth.so.1
ppp account requisite
/usr/lib/security/$ISA/pam_roles.so.1
ppp account required
/usr/lib/security/$ISA/pam_projects.so.1
ppp account required
/usr/lib/security/$ISA/pam_unix.so.1
ppp session required
/usr/lib/security/$ISA/pam_unix.so.1

-----------After Installaing
patch-----------------
bash-2.03$ cat /etc/pam.conf
---------------------------------------------------

bash-2.03$ cat
/etc/pam.conf_after_patch_108993_36
#
#ident "@(#)pam.conf 1.16 01/01/24
SMI"
#
# Copyright (c) 1996-2000 by Sun Microsystems, Inc.
# All rights
reserved.
#
# PAM configuration
#
# Authentication management
#
login auth
requisite pam_authtok_get.so.1
login auth required
pam_dhkeys.so.1
login auth required pam_unix_auth.so.1
login
auth required pam_dial_auth.so.1
#
rlogin auth sufficient
pam_rhosts_auth.so.1
rlogin auth requisite pam_authtok_get.so.1
rlogin auth required pam_dhkeys.so.1
rlogin auth required
pam_unix_auth.so.1
#
dtlogin auth requisite pam_authtok_get.so.1
dtlogin auth required pam_dhkeys.so.1
dtlogin auth required
pam_unix_auth.so.1
#
rsh auth sufficient pam_rhosts_auth.so.1
rsh
auth required pam_unix_auth.so.1
other auth requisite
pam_authtok_get.so.1
other auth required pam_dhkeys.so.1
other
auth required pam_unix_auth.so.1
#
# Account management
#
login
account requisite pam_roles.so.1
login account required
pam_projects.so.1
login account required
pam_unix_account.so.1
#
dtlogin account requisite pam_roles.so.1
dtlogin account required pam_projects.so.1
dtlogin account
required pam_unix_account.so.1
#
other account requisite
pam_roles.so.1
other account required pam_projects.so.1
other
account required pam_unix_account.so.1
#
# Session management
#
other session required pam_unix_session.so.1
#
# Password
management
#
other password required pam_dhkeys.so.1
other
password requisite pam_authtok_get.so.1
other password
requisite pam_authtok_check.so.1
other password required
pam_authtok_store.so.1
dtsession auth requisite
pam_authtok_get.so.1
dtsession auth required pam_dhkeys.so.1
dtsession auth required pam_unix_auth.so.1
#
# Support for
Kerberos V5 authentication (uncomment to use Kerberos)
#
#rlogin auth optional
pam_krb5.so.1 try_first_pass
#login auth optional pam_krb5.so.1
try_first_pass
#dtlogin auth optional pam_krb5.so.1
try_first_pass
#other auth optional pam_krb5.so.1 try_first_pass
#dtlogin account optional pam_krb5.so.1
#other account optional
pam_krb5.so.1
#other session optional pam_krb5.so.1
#other password
optional pam_krb5.so.1 try_first_pass
#
# Support for Solaris PPP (sppp)
ppp auth requisite pam_authtok_get.so.1
ppp auth required
pam_dhkeys.so.1
ppp auth required pam_unix_auth.so.1
ppp
auth required pam_dial_auth.so.1
ppp account requisite
pam_roles.so.1
ppp account required pam_projects.so.1
ppp
account required pam_unix_account.so.1
ppp session required
pam_unix_session.so.1
passwd auth required pam_passwd_auth.so.1
cron account required pam_unix_account.so.1
#cron account
optional pam_krb5.so.1
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers

• Next message: John.B.Kelly: "Ultra 2 Hanging Intermittently"
• Previous message: Peter Stokes: "Info on user auth Samba on Sol 2.6 with Windows 2003?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:28:50 EDT