thompson@PAN.SSEC.HONEYWELL.COM (John Thompson) (05/04/90)
I wrote in a while ago: >Hi netlanders: >Well, now it's my turn to ask what's bound to be a stupid question >with an obvious answer. Loading 10.2, on several node types (dn4000, >dn3550, dsp160), I can not successfully telnet or rlogin to the node >after loading. I'm sure it's an ACL problem, but WHERE? > >Details: > 1) I adjust the ACLs to something between open and closed. This >is probably what's screwing me up. > 2) Some nodes have come up just fine (dn3000, dn3550, dn4500). I >don't know what I did to start the problems. > 3) tcp/ip is definitely up and running. THis isn't THAT trivial >a problem. > 4) "telnet hostname" gives the connection message, and the intro >login messaage, and the login: prompt. It accepts input, and immediately >returns with "login incorrect" and a new login: prompt. > 5) "rlogin hostname" gives the error message > bind: Permission denied > rcmd: socket: Permission denied > and sends me back to my local node. > 6) ACLs on the /dev directory give world 'rwxk' rights. Dirs >created in /dev have the same rights, files in /dev give world 'rwx'. Thanks to all who wrote back with comments/suggestions. Several people wrote to me about rlogin needing to be setuid at 10.2. By golly, that worked just fine, and I'm sure that I toasted the ACLs thoroughly while running 'inprot'. The majority 'telnet' view was that the pty's were hosed up, as the 10.2 bug seems to have hit everyone (are you listening, Apollo?). In this instance, I don't believe that to be the cause of my telnet woes, because of the following: 1) Unlike other people, I do _NOT_ get a "password" prompt followed immediately by an "invalid login" message. Immediately after pressing <RETURN> at the end of my login, I get a login invalid response. 2) After fixing rlogin, I could rlogin to the node with no problem. It is not likely registry availability either (another maybe), because they are available if I try going to another node, and they're there if I do a "crp -on //node" instead. My TCP/IP is all started correctly, as far as I can determine. So that other people can have a go at it, this is the status: . Daemon/Process status: tcpd started at boot time by /etc/rc.local, runs as root. inetd started at boot time by /etc/rc.local, runs as root. telnetd started by inetd at 'telnet' invocation, runs as root. login started by telnetd "" "" "" "" "" "" "", runs as root. . Other stuff: telnet fails identically whether attempted from another apollo, or from a Vax. Thanks again for putting up with a message/query that is getting longer all the time. I will post a summary (again) of any replies that come to me personally. Please forgive any mail-address snafus -- I am just now forwarding my mail in to the apollos, and the mailer we have is completely brain-dead. My addresses are: thompson@pan.ssec.honeywell.com (the Apollos themselves) thompson@animal.ssec.honeywell.com (a vax. forwards to pan) John Thompson Honeywell, SSEC As usual, my views are my own.