jeb@pnet51.cts.com (James Borchart) (08/30/89)
I am having some trouble getting help from ISC on these problems. Tech
Support does not seem to have an answer. To their credit they call me every
week and tell me they don't have an answer.
1: /usr/ucb/rsh (not to be confused with the beloved restricted
shell) will give me a shell on the local or a remote host
but if I put a command at the end of the line I get
"Permission Denied" every time. Regardless of command.
2: rexec asks for a password for the specified or default user
and then fails every single time. This is regardless of whether
the user requires a password or not. The message is "Login
Incorrect\nrexec: could not execute remote command."
3: SUN's PC-NFS, running on a PC connected by ethernet to the
ISC server, gets "authentication failure" no matter what is typed
for the username and password, or if the user needs a password.
The existence or contents of an .rhosts file does not seem to be of
any consequence. ISC has had NO suggestions for things to try or things
I might be doing wrong. I have 386/ix 2.0.2, TCP/IP 1.1.2 and NFS 2.0,
all from Interactive.
I am aware that PC-NFS does not necessarily require an username, but it
is very inconvenient nonetheless. Also, does anyone know how to modify
the printer timeout time for PC-NFS, 5 minutes is a little extreme.
UUCP: {amdahl!bungia, uunet!rosevax, chinet, killer}!orbit!pnet51!jeb
ARPA: crash!orbit!pnet51!jeb@nosc.mil
INET: jeb@pnet51.cts.compeiffer@umn-cs.CS.UMN.EDU (Tim J. Peiffer) (08/31/89)
In article <899@orbit.UUCP> jeb@pnet51.cts.com (James Borchart) writes: >1: /usr/ucb/rsh (not to be confused with the beloved restricted > shell) will give me a shell on the local or a remote host > but if I put a command at the end of the line I get > "Permission Denied" every time. Regardless of command. >2: rexec asks for a password for the specified or default user > and then fails every single time. This is regardless of whether > the user requires a password or not. The message is "Login > Incorrect\nrexec: could not execute remote command." Your problem might be that the host you are logging on to does not know who or what your machine is. Check what your machine sees by the following. Remote shell into the target machine and type in the following: % whoami tim % who | grep tim | awk '{print $6}' (myname.sub.domain.) or (1.2.3.4) More than likely your entry in .rhosts does not match the return from who. If it gives a name, place it in .rhosts. I suspect it only knows the address. If your target machine is a host table driven beast, put an entry into /etc/hosts corresponding to your machine. If it is a domain nameserver driven sort, the deal becomes a little more difficult (but not much). Ask your local network guru to enter a record into the zone tables corresponding to your machine. Typically, the zone tables are listed as hosts and hosts.rev in the directory [/usr]/etc/named. In /usr/etc/named/hosts: myname.sub.domain. IN A 1.2.3.4 ^ <<- don't forget the trailing dot. In /usr/etc/named/hosts.rev: 4.3.2.1.in-addr.arpa. IN PTR myname.sub.domain. I hope this helps. I would be interested personally to see what the problem is. I am considering looking into PC-NFS or equivalent. Tim Peiffer peiffer@cs.umn.edu or.. Comp Sci Dept ...!rutgers!umn-cs!peiffer U of Minnesota Mpls, MN (612) 625-0876
geoff@hinode.East.Sun.COM (Geoff Arnold @ Sun BOS - R.H. coast near the top) (08/31/89)
In article <899@orbit.UUCP> jeb@pnet51.cts.com (James Borchart) writes: >[Deleted: various problems with ISC Unix TCP/IP and NFS] > > 3: SUN's PC-NFS, running on a PC connected by ethernet to the > ISC server, gets "authentication failure" no matter what is typed > for the username and password, or if the user needs a password. > I don't have a copy of the ISC stuff running here (lame excuse: I should order one), but assuming that their PCNFSD is derived from the standard source you should be able to start it with a "-d" option to trace each transaction. Of course this assumes that PCNFSD is running: to check this, run the following on the PC: rpcinfo -u <servername> 150001 >[...] Also, does anyone know how to modify >the printer timeout time for PC-NFS, 5 minutes is a little extreme. > Fixed in 3.0.1. If you don't have a copy, contact Sun's Customer Support Division for upgrade info. (Or buy another copy of PC-NFS and use it to upgrade existing nodes as well....) Geoff Arnold, Internet: geoff@East.Sun.COM PCDS Group, Sun Microsystems Inc. --------------------------------------------------------------------------- Most bizarre title of the week: "LAN Standards - Do you Need Them?" (in BYTE)
sauer@dell.dell.com (Charlie Sauer) (09/01/89)
In article <776@east.East.Sun.COM> geoff@hinode.East.Sun.COM (Geoff Arnold @ Sun BOS - R.H. coast near the top) writes: >In article <899@orbit.UUCP> jeb@pnet51.cts.com (James Borchart) writes: >> 3: SUN's PC-NFS, running on a PC connected by ethernet to the >> ISC server, gets "authentication failure" no matter what is typed >> for the username and password, or if the user needs a password. >I don't have a copy of the ISC stuff running here (lame excuse: I should >order one), ... I think that when we encountered this a while back we determined that pcnfsd was not aware that the password field had been moved to /etc/shadow... -- Charlie Sauer Dell Computer Corp. !'s:uunet!dell!sauer 9505 Arboretum Blvd @'s:sauer@dell.com Austin, TX 78759-7299 (512) 343-3310
johnl@esegue.uucp (John R. Levine) (09/01/89)
In article <899@orbit.UUCP> jeb@pnet51.cts.com (James Borchart) writes: > 3: SUN's PC-NFS, running on a PC connected by ethernet to the > ISC server, gets "authentication failure" no matter what is typed > for the username and password, or if the user needs a password. The problem is that the standard pcnfs daemon doesn't know that passwords are in /etc/shadow. The source to the daemon comes with PC-NFS, and it took me only a few minutes to add the call to getspnam() (which for some obscure reason is documented only in the Integrated Software Development Guide) and recompile, after which it worked fine. I do have to wonder whether they ever bothered to test anything; it's a very obvious bug. -- John R. Levine, Segue Software, POB 349, Cambridge MA 02238, +1 617 492 3869 {ima|lotus}!esegue!johnl, johnl@ima.isc.com, Levine@YALE.something Massachusetts has 64 licensed drivers who are over 100 years old. -The Globe
henry@utzoo.uucp (Henry Spencer) (09/07/89)
In article <1989Sep1.150312.1136@esegue.uucp> johnl@esegue.UUCP (John Levine) writes: >The problem is that the standard pcnfs daemon doesn't know that passwords >are in /etc/shadow... >I do have to wonder whether they ever bothered to test anything; it's a very >obvious bug. It's well known that Sun's quality-control department consists of a single clerk with an IQ of 37, equipped with a rubber stamp that says "PASSED". -- V7 /bin/mail source: 554 lines.| Henry Spencer at U of Toronto Zoology 1989 X.400 specs: 2200+ pages. | uunet!attcan!utzoo!henry henry@zoo.toronto.edu
geoff@hinode.East.Sun.COM (Geoff Arnold @ Sun BOS - R.H. coast near the top) (09/07/89)
In article <1989Sep6.175639.22619@utzoo.uucp> henry@utzoo.uucp (Henry Spencer) writes: >In article <1989Sep1.150312.1136@esegue.uucp> johnl@esegue.UUCP (John Levine) writes: >>The problem is that the standard pcnfs daemon doesn't know that passwords >>are in /etc/shadow... >>I do have to wonder whether they ever bothered to test anything; it's a very ^^^^ = ISC >>obvious bug. > >It's well known that Sun's quality-control department consists of a single >clerk with an IQ of 37, equipped with a rubber stamp that says "PASSED". Henry, you weren't reading along this thread. We distribute pcnfsd in source format. Since Sun doesn't use /etc/shadow, why should we test it? ISC _does_ use /etc/shadow, and omitted to make the necessary mods to pcnfsd. I'm sure they'll fix it - in fact the next distribution of pcnfsd source will include this code #ifdef'd, courtesy the CTIX developers. Don't blame our PC-NFS SQA for this, though. There's always something of a lag between releases of stuff - for example, we haven't yet got a pcnsfd out there which supports the passwd.adjunct security features in SunOS - but (1) we're working on it, and (2) the source is there for anyone to customize or fix. Geoff Geoff Arnold, Internet: geoff@East.Sun.COM PCDS Group, Sun Microsystems Inc. --------------------------------------------------------------------------- Most bizarre title of the week: "LAN Standards - Do you Need Them?" (in BYTE)