[TAG] rsh - remote shell and rlogin (SUSE Linux 7.3)
jkarns at csd.net
Sat Sep 25 03:56:36 MSD 2004
On Fri, 24 Sep 2004, Alex Kalman wrote:
> Thanks you that has answered me.
Ok, glad to help
> One more question:
> 1.I tried to make that you have written:
> *ALL : ALL
> *then as root, issue the command:
> */etc/rc.d/inetd restart
> , but and couldn't enter with a command rsh in a
> computer(18.104.22.168). Something else is not open or it is necessary
> to open?
Sorry, I don't understand exactly what you're trying to say. My guess is
that you are telling us that you tried my suggestion and it still didn't
let you connect.
If so, then in addition to the /etc/hosts.allow file, you need to check
/etc/inetd.conf: look for a line containing the string "rsh". There
should be two lines, one ending with
and the other with
both lines probably start with a "#" in the left-most column, which
disables the service. Delete the "#" from one of the lines. Sorry, I
can't say what difference the '-a' parameter makes to rshd. As with the
hosts.allow file, after making any changes to inetd.conf, you will need to
restart the inetd daemon as I specified in my previous message.
> 2.I tried enter in a computer(22.214.171.124) by means of a command
> "rlogin", with username - "root" and password of "root",but couldn't.
> With another an username and password I can enter in a computer, but I
> need enter with "root".
> Why I cannot enter in a computer with username and password of the
It is a very bad idea to remotely login to a computer as the root user.
As I mentioned in my previous message, rsh is insecure. The reason is
that the password that you enter is sent over the network as plain ascii
text, which allows anyone who is connected to your network to "sniff" that
information and thereby steal your password, and thus gain access to that
Note: It is also old software and probably not up to date with respect to
known exploits, which would only add to the risk. It was popular (along
with telnet) in the days when the network users were trusted, and the
networks were small. Unless your network is isolated (not accessible from
the internet or other local networks), you are well advised *not* to use
rsh, but ssh instead.
That being said, if you have your mind made up that you are going to use
rsh no metter what, then connect with a normal (non-priviledged) user.
Then use the command 'su -' to login as root.
I don't have a SuSE 7.3 host to look at right now, and I can't remember
which file it is that blocks remote access as root - ahh, now I remember.
Those settings are to be found in /etc/rc.config. Search for the word
"remote". You should find a line that specifies "ROOT_LOGIN_REMOTE",
and change "no" to "yes". Although I highly recommend that you leave it
set to "no", and use "su" as I already mentioned.
More information about the TAG