use rsh on Windows 2003 Server

use rsh on Windows 2003 Server (Full Version)

All Forums >> [SFU / Interix / SUA Technology] >> Windows Server 2003 R2 SUA

Message

jlai -> use rsh on Windows 2003 Server (Apr. 11, '06, 1:28:38 PM)
Hi, We have installed SUA on our Windows 2003 Server R2. We found rsh client, but couldn't seem to find rshd to start up daemon process. How can we start up rsh server on Windows 2003 Server? any help is greatly apprciated. Thanks!

Rodney -> RE: use rsh on Windows 2003 Server (Apr. 11, '06, 3:43:15 PM)
With SFU there were two "rsh servers" which confused people. There was a Win32 version & an Interix/Unix version. With R2 there is only the Interix version. So it is configure the same as on any other Unix system: edit /etc/inetd.conf and uncomment the rshd line and then send a SIGHUP to the inetd process. If you have a Firewall on be sure to open the needed ports.

jlai -> RE: use rsh on Windows 2003 Server (Apr. 11, '06, 4:53:12 PM)
Thanks, Rodney for your help. we got rsh working with password. How to rsh into a machine without password? We tried editing .rhosts file and put it in C:\Windows\System32\drivers\etc, but it didn't seem to work. Also, when we opened up a CSHELL, administrator's home directory points to "documents and settings", but once we use rsh to login to local machine, the home directory becomes root directory. Is this inconsistency? Thank you in advance for your help!

Rodney -> RE: use rsh on Windows 2003 Server (Apr. 11, '06, 7:39:34 PM)
Check the FAQ about setting a home directory for each user. Each user can have a "~/.rhosts". It's per user; this isn't ye olde silly DOS, it's Unix. Cross-ref the man page on "rhosts" for more details about the file. Same man page describes "/etc/hosts.equiv". Remember that the ".rhsosts" file should be mode 600 for security.

jlai -> RE: use rsh on Windows 2003 Server (Apr. 13, '06, 9:24:26 AM)
I added a new user through lusrmgr.msc, and set user's home directory to /homes/username. whenever I use rsh login, it cd to user's home directory, so that's good. My next step is to add a .rhosts file in user's home directory, and change the permission to 600. However, it doesn't seem to work. maybe I'm missing somthing here, or the format of my .rhosts file is wrong. here is the content of .rhosts file. ### localhost + 127.0.0.1 + gto + gto.domainname.com + I even put the same content in /etc/hosts.equiv, but it didn't solve the problem. Is there any step that I overlook? Any help is greatly appreciated. Thanks!

Rodney -> RE: use rsh on Windows 2003 Server (Apr. 13, '06, 1:09:22 PM)
> Is there any step that I overlook? The best thing to do is check the logs. First seem that you have syslogd running. Once it's running try a login (same code & logic is used for rlogin and rsh). The protocol is described on the rshd manual page. Then check in /var/adm/log/messages to see if a clue is there to what wasn't liked.

jlai -> RE: use rsh on Windows 2003 Server (Apr. 13, '06, 2:00:07 PM)
I checked rshd manual page and found out that I forgot to run the regpwd utility. tried it under Administrator account, but got an error message saying "Operation not permitted". I checked the permission bit, and it anyone can executes the utility. The file belongs to user Administrator, and group Administrators. /var/adm/log/messages is empty; nothing suspicious that I can debug from. am I missing something more fundamental? Any help is greatly appreciated. Thanks!

Rodney -> RE: use rsh on Windows 2003 Server (Apr. 13, '06, 2:13:46 PM)
The comment about needing to run regpwd is actually old and should have been removed years ago (about 6-1/2 to be specific). Running rshd is to be done as the local Administrator via inetd starting it up (which is also running as local Administrator). Rshd can only really be started by inetd (I'll skip the technical, but same reasons as on all other Unix systems). > /var/adm/log/messages is empty; But is syslogd running? (ps -A \| grep syslogd) So you can login with a password but not without a password. You have the file ~/.rhosts and it's mode 600. If you do "finger <user>" does it show the home directory as the location you expect? For the "inbound" machine is it correctly listed in the DNS with a matching reverse? (i.e. nslookup by name and IP produce the same record)

jlai -> RE: use rsh on Windows 2003 Server (Apr. 13, '06, 2:43:57 PM)

quote:

But is syslogd running? (ps -A | grep syslogd)

You are right, syslogd was not running. I started up and was able to see error messages
in /var/adm/log/messages.

quote:

So you can login with a password but not without a password.
You have the file ~/.rhosts and it's mode 600.

If you do "finger <user>" does it show the home directory as the
location you expect?

Yes.

When we tried to execute command
rsh localhost
It asks for password to be typed in, and log file spits out the following error message:
rlogind[1429]: usage: in.rlogind [-aDlnQ]
If we typed wrong password or try to ctrl-c out of the command, then log file says,
login:1 LOGIN FAILURE FROM 127.0.0.1

When we tried to execute the following command:
rsh localhost ls
This command never returns until we Ctrl-C out of it, and the log file has the following error message:
rshd[1235]: usage: in.rshd [-alnL]

what does these messages indicate?

Thank you in advance for your help!

Rodney -> RE: use rsh on Windows 2003 Server (Apr. 13, '06, 4:40:05 PM)
> what does these messages indicate? Well, it usually indicates that the options to the program were wrong. I've assumed that you just uncommented the lines in /etc/initd.conf to get things going. Did you change anything on these lines?

jlai -> RE: use rsh on Windows 2003 Server (Apr. 14, '06, 10:40:20 AM)
Thank you! I got it working. It was a stupid miskake. At first I didn't know vi is available with SUA, so I used wordpad to edit inetd.conf. Bad idea. Wordpad inserted Windows line endings in the file. After fixing the problem with vi, I was able to use rsh without password. Thank you very much for all your help! I do have two more questions, when I execute rsh localhost I got error message, "name mismatch", and always return the machine in CAPS. but if I execute rsh gto (gto is the machine name). I login to the machine successfully. Second question, When I tried to open a CShell on a user account. It just closed immediately. It used to stay open, and I couldn't figure out what are the changes that cause it to behave this way now. This behavior does not happen on Administrator account. any thoughts on this? I'm not sure if this is related, but when we tried to execute, su userid, we got the following error: su: /bin/sh: Permission denied. /bin/sh is a symbolic link points to ksh, which everyone has executable permission. Thank you in advance for your help!

jlai -> RE: use rsh on Windows 2003 Server (Apr. 19, '06, 11:21:35 AM)
quote: Second question, When I tried to open a CShell on a user account. It just closed immediately. It used to stay open, and I couldn't figure out what are the changes that cause it to behave this way now. This behavior does not happen on Administrator account. any thoughts on this? I'm not sure if this is related, but when we tried to execute, su userid, we got the following error: su: /bin/sh: Permission denied. /bin/sh is a symbolic link points to ksh, which everyone has executable permission. The stateed problem was solved by adding local user to Administrator group. In case anyone has problem setting up RSH using SUA on Windows 2003 Server R2, here are the steps I took: 1. Create a user account and set user's home directory using lusrmgr.msc in run command And, make sure user belongs to Administrator group. 2. Uncomment rsh related file in /etc/inetd.conf using vi editor 3. Restart /sbin/inetd or restart the computer 4. Add .rhosts file in user's home directory, and make sure file permission is 600. P.S. I still haven't solve the problem of name mismatch (mentioned in previous post) yet. Windows kept thinking 127.0.0.1 does not match with machine name, which is assigned to a different ip address. It should know that 127.0.0.1 is a special case and maps to localhost. however it's not the case. If anyone has lead on this, please let me know. Thanks!

Rodney -> RE: use rsh on Windows 2003 Server (Apr. 19, '06, 1:02:24 PM)
Sorry, I seem to have not gotten an e-mail about your previous post. When rshd and rlogind are accepting connections the source is double checked by a DNS lookup. The name given in the data stream is checked to exist with a record (lookup by name). That record's IP number is used to make a second request for a record (lookup by number). The two records must match. Otherwise a spoof can be happening (security problem). No match means the connection must give a password. What you are experiencing is this. I expect that the home directory of your user is on a network/remote disk or the permissions are not set correctly on the home directory. Without a password the user's token is created without access to networked resources. Therefore csh cannot change to the user's home directory. But you write that you solve the problem by adding the user to the Administrators group. This would indicate that the home directory is local but the permissions are wrong. Using Administrators is a big club that gives additional rights to that account that you may not want to give. > su: /bin/sh: Permission denied. This is the same message as with csh. Su is not reporting that /bin/sh cannot run. It is /bin/sh reporting that it does not have permission to change to the home directory. > P.S. I still haven't solve the problem of name mismatch (mentioned in previous post) yet. Check /etc/hosts has the entry in short form ("localhost"). You can check using nslookup 127.0.0.1 to see what it gets as a result. > 3. Restart /sbin/inetd or restart the computer Just send the HUP signal. The /etc/inetd.conf file will be re-read.

jlai -> RE: use rsh on Windows 2003 Server (Apr. 19, '06, 3:33:36 PM)

quote:

Using Administrators is a big club that gives additional rights to
that account that you may not want to give.

I agree. I tried what you suggested, check permission on user's (let's call it cuser ) home directory C:\homes\cuser. cuser has executable and read permission to C:\homes, and it has full control to its own folder C:\homes\cuser. So it looks like cuser has
correct permission. However, unless I add cuser to Administrator group. su cuser
or Cshell would not work.

quote:

Check /etc/hosts has the entry in short form ("localhost").
You can check using nslookup 127.0.0.1 to see what it gets as a result.

nslookup 127.0.0.1 returns information on DNS server and localhost
Server: host.domain.com
address: xxx.xxx.xxx.xxx

name: localhost
address: 127.0.0.1

This looks like the machine does know localhost is 127.0.0.1, but why

quote:

rsh localhost

syslog message indicates that 127.0.0.1 mismatches with the host name.

Thank you for your help!

tdvishnu -> RE: use rsh on Windows 2003 Server (Apr. 20, '06, 11:00:05 AM)
Hey Guys, This is vishnu, am also facing similar issues in rsh/rcp. I have few questions on that. Can u please tell me the location of inetd.conf file location in WINDOWS. Cheers, Vishnu

jlai -> RE: use rsh on Windows 2003 Server (Apr. 20, '06, 11:40:08 AM)
Open up a CShell from SUA. inetd.conf is in /etc directory. Or if you want to see it from a Windows explorer. Assuming you installed SUA under C:\SUA, then it would be in C:\SUA\etc.

Rodney -> RE: use rsh on Windows 2003 Server (Apr. 20, '06, 12:43:16 PM)
Vishnu sent e-mail as well. He's using SFU 3.5. I'm not clear if he is using the Win32 or Interix version of rshd.

Rodney -> RE: use rsh on Windows 2003 Server (Apr. 20, '06, 3:39:13 PM)
<back to jlai's posting, #14> You need to do the lookup both ways: by name and by IP number. So you should see the same info for both "nslookup 127.0.0.1" and "nslookup localhost". So you should see something like this: root:squirtle> nslookup localhost Server: 192.168.1.3 Address: 192.168.1.3#53 Name: localhost.XXXX.org Address: 127.0.0.1 root:squirtle> nslookup 127.0.0.1 Server: 192.168.1.3 Address: 192.168.1.3#53 1.0.0.127.in-addr.arpa name = localhost.XXXX.org. root:squirtle> /bin/nslookup 127.0.0.1 Server: guardian.XXXX.org Address: 192.168.1.3 Name: localhost.XXXX.org Address: 127.0.0.1 Note the o/p from /bin/nslookup is different than /usr/local/bin/nslookup, but the information is the same (IP's and names). You can do the same with dig.

jlai -> RE: use rsh on Windows 2003 Server (Apr. 21, '06, 10:12:20 AM)
I used nslookup to check both localhost and 127.0.0.1, both returned what's expected. I then tried "rsh localhost" and "rsh 127.0.0.1", I was able to login without password. However, when I tried "rsh localhost ls", or "rsh 127.0.0.1 ls", I would get an error message indicating name mismatch. Log message didn't have any useful information for debugging. any idea what might went wrong? btw, "rsh <machine name> ls" would work. Thanks!

Rodney -> RE: use rsh on Windows 2003 Server (Apr. 21, '06, 3:47:52 PM)
Your description is exactly what I'd describe as a DNS record problem. Odd that the record lookup by nslookup is saying otherwise. The "by machinename" is good because the name and IP records match. The record returned for "localhost" must be different than for 127.0.0.1. What is the exact o/p you get? Do it with /bin/nslookup (full path) since this behavior will match how rshd is linked. You can e-mail me the info instead if you don't want to post it here. /bin/nslookup localhost and /bin/nslookup 127.0.0.1

Page: [1] 2 next > >>

0.047