johnk@locus.com (John Kim) (04/12/91)
When I tried to invoke rsh on a machine in different network, I got error message "Permission Denied". There are .rhosts files in local and remote machines and entries are correct. Also I can telnet to the remote machine with no problem. Why can't I do rsh on the remote machine? This problem is not mentioned in the documention. Any clue? Thanks in advance. John Kim
shore@theory.tn.cornell.edu (Melinda Shore) (04/13/91)
In article <23452@oolong.la.locus.com> johnk@locus.com (John Kim) writes: >When I tried to invoke rsh on a machine in different network, >I got error message "Permission Denied". >There are .rhosts files in local and remote machines and >entries are correct. Assuming that your login ids are identical on both machines (or that you're passing your remote login id through correctly), chances are that your .rhost file on the remote is *not* correct. Try telnetting in to the remote and running "who". The last field in each record contains the software's notion of how to identify remote machines. Use that (keeping in mind, of course, that if the machine name in the who output is truncated you'll need to flesh it out). -- Software longa, hardware brevis Melinda Shore - Cornell Information Technologies - shore@theory.tn.cornell.edu
ng@cfd.di.nrc.ca (Kai Ng) (04/16/91)
In article <23452@oolong.la.locus.com>, johnk@locus.com (John Kim) writes: |> When I tried to invoke rsh on a machine in different network, |> I got error message "Permission Denied". |> There are .rhosts files in local and remote machines and |> entries are correct. Also I can telnet to the remote machine with |> no problem. It sounds like accounts for the same user in different machines have different user number though same id (e.g. user number = 2003 and user id = johnk). When you telnet, normally user id is used. However when rsh or rlogin, user number is used. ---------------------- Side question: How come I can never reply by mail to addresses like johnk@locus.com or somebody@somehost.awdpa.ibm.com ? They all bounced back with host unknown error. -- ----------------------------------------------------------------------------- Kai S. Ng Informatics, National Research Council Canada INTERNET ng@cfd.di.nrc.ca M-60 Montreal Road, Ottawa, Canada K1A 0R6 BITNET kain@nrcvm01.bitnet VOICE (613) 993-0240 FAX (613) 954-2561
shore@theory.tn.cornell.edu (Melinda Shore) (04/16/91)
In article <1991Apr15.185835.7025@nrcnet0.nrc.ca> ng@cfd.di.nrc.ca writes: >When you telnet, normally user id is used. However when rsh or rlogin, >user number is used. Nope. The login name is used by both rsh and rlogin. Telnet uses neither (i.e. it's not part of the protocol) - it just provides a connection. >Side question: How come I can never reply by mail to addresses like >johnk@locus.com or somebody@somehost.awdpa.ibm.com ? They all bounced back >with host unknown error. You're probably not running a sendmail that understands mx records. If you are (sendmail 5.61 and later), then your sendmail.cf file probably isn't configured correctly. If it is correct, then you probably aren't using the domain name service. If you are using dns, then it probably isn't set up correctly. -- Software longa, hardware brevis Melinda Shore - Cornell Information Technologies - shore@theory.tn.cornell.edu
freese@dalvm41b.vnet.ibm.com ("Bradley T. Freese") (05/15/91)
johnk@locus.com (John Kim) writes: > When I tried to invoke rsh on a machine in different network, > I got error message "Permission Denied". > There are .rhosts files in local and remote machines and > entries are correct. Also I can telnet to the remote machine with > no problem. Why can't I do rsh on the remote machine? > This problem is not mentioned in the documention. > > Any clue? The classic pitfalls in doing 'rsh', 'rcp', 'rlogin', and remote printing all arise from bad hostname resolution. In particular, the worst culprit is reverse name resolution. To check this, do the following on *each* host: 1) For *every* other host, do "host <otherhost>". You should get back something like otherhost.domain.domain.domain is 99.99.99.99 .... 2) For *every* other host, do "host <otheraddress>", where <otheraddress> is the address of the host. You should get the same response as in 1). If you don't (like "address 99.99.99.99 NOT FOUND"), your reverse name resolution is not working. Without working resolution, the r* daemons cannot identify the host requesting the service, so it will deny permission.