Allowing root rsh

Allowing root rsh

Post by Alan Yasutovi » Sat, 05 Mar 1994 04:29:09



        I have a sparc classic with solaris.  How can I enable
        root rsh from other machines?

        I've tried .rhost and hosts.equiv.  I can rsh to other
        sparc2's.

        Sometimes it says "not on console Connection closed"
        and other times just "Connection closed".

--
        Alan Yasutovich
        "inquiring  (and nosey) minds WANT TO KNOW!!!"
        I can remember when "safe sex" meant having a padded headboard!!
        Tick Tock.....Tick Tock......Tick Tock .....Tick Tock......

 
 
 

Allowing root rsh

Post by Garrett B. Mick » Tue, 08 Mar 1994 08:29:20


:       I have a sparc classic with solaris.  How can I enable
:       root rsh from other machines?

:       I've tried .rhost and hosts.equiv.  I can rsh to other
:       sparc2's.

:       Sometimes it says "not on console Connection closed"
:       and other times just "Connection closed".

The "not on system console" message probably indicates that the system
you are trying to log into as root doesn't trust root logins from network
terminals.  This is controlled in various files on different unix systems
(/etc/ttys, /etc/ttydefs, or /etc/ttytab).  I think the ttytab file is
one of the more popular places for it.  A look into the ttytab file on
one of our SUN4.1.1 systems shows that we only trust console root logins.
Of course that doesn't stop me from logging in under my regular account
and the doing an su.

Here's a couple of lines from the file.  Note that the keyword secure
appears in the line for the console but not for the network lines.
To enable network root logins, we would have to add the "secure" keyword
to the end of the line for the ttyp* entries.

====

#
# name  getty                           type            status  comments
#
console "/usr/etc/getty std.9600"       sun             on local secure
ttya    "/usr/etc/getty std.9600"       unknown         off local
ttyb    "/usr/etc/getty std.9600"       unknown         off local
tty00   "/usr/etc/getty std.9600"       unknown         off local
tty01   "/usr/etc/getty std.9600"       unknown         off local
# Lots-o-lines removed for brevity.
ttyp0   none                            network         off
ttyp1   none                            network         off
ttyp2   none                            network         off
# More lines deleted.

Hope that helps.


--

 
 
 

Allowing root rsh

Post by Jon Hamilt » Tue, 08 Mar 1994 10:30:05




>:   I have a sparc classic with solaris.  How can I enable
>:   root rsh from other machines?
>:   I've tried .rhost and hosts.equiv.  I can rsh to other
>:   sparc2's.
>:   Sometimes it says "not on console Connection closed"
>:   and other times just "Connection closed".
>The "not on system console" message probably indicates that the system
>you are trying to log into as root doesn't trust root logins from network
>terminals.  This is controlled in various files on different unix systems
>(/etc/ttys, /etc/ttydefs, or /etc/ttytab).  I think the ttytab file is
>one of the more popular places for it.  A look into the ttytab file on
>one of our SUN4.1.1 systems shows that we only trust console root logins.
>Of course that doesn't stop me from logging in under my regular account
>and the doing an su.

[sunOS 4 example deleted]

Specifically, on Solaris systems, you want to look in /etc/default/login,
particularly at the CONSOLE line.  Commenting it out altogether will
allow root logins from any tty/pty, or you can specify an exhaustive
list of all the terminals you wish to allow root logins from.

--
+----------------------------------------------------------------+

|   CS Solaris Systems Support Group, Iowa State University      |
+----------------------------------------------------------------+

 
 
 

Allowing root rsh

Post by w » Sun, 13 Mar 1994 06:36:47




>:   I have a sparc classic with solaris.  How can I enable
>:   root rsh from other machines?
>The "not on system console" message probably indicates that the system
>you are trying to log into as root doesn't trust root logins from network
>terminals.  This is controlled in various files on different unix systems
>(/etc/ttys, /etc/ttydefs, or /etc/ttytab).  I think the ttytab file is
>one of the more popular places for it.  A look into the ttytab file on
>one of our SUN4.1.1 systems shows that we only trust console root logins.

Wrong. SunOS 4.x is BSD, while Solaris (SunOS 5.x)  is  SVR4  (or
some   kind   of,   at   least   :-(  ).  Just  have  a  look  at
/etc/default/login - the comments explain what you want to know.

Wolfgang



"The question  of whether a computer can  think  is no more interesting
than the question of whether a submarine can swim" (Edsgar W. Dijkstra)

 
 
 

Allowing root rsh

Post by Mike.Andre » Sun, 13 Mar 1994 00:43:00




>        I have a sparc classic with solaris.  How can I enable
>        root rsh from other machines?

>        I've tried .rhost and hosts.equiv.  I can rsh to other
>        sparc2's.

>        Sometimes it says "not on console Connection closed"
>        and other times just "Connection closed".

>--

It soulds as though this particular solaris is like Clix on
our Intergraph workstations: if you want to log in as root,
you _MUST_ log in through the console. Period.

--
+----------------------------------------------------------------------
| Mike Andrews                                                        |


|--------------------------------+------------------------------------+
| Mgr., Tech. Support            |   (405) 521-4197 (my desk)         |
| Data Services Division         |   0730-1630 Central (U.S.)         |
| Okla. Dept. of Transportation  |   (405) 521-4195 (help desk)       |
| 200 N. E. 21st. St.            |   0700-1700 Central (U.S.)         |
| Okla. City, OK 73105           |                                    |
+--------------------------------+------------------------------------+

 
 
 

Allowing root rsh

Post by Jon Hamilt » Tue, 15 Mar 1994 00:08:31





>>        I have a sparc classic with solaris.  How can I enable
>>        root rsh from other machines?
>>        I've tried .rhost and hosts.equiv.  I can rsh to other
>>        sparc2's.

>>        Sometimes it says "not on console Connection closed"
>>        and other times just "Connection closed".

>>--
>It soulds as though this particular solaris is like Clix on
>our Intergraph workstations: if you want to log in as root,
>you _MUST_ log in through the console. Period.

Naw, you just have to edit /etc/default/login and comment out the
CONSOLE line (or add the ptys from which you wish to allow root login).
(for Solaris, that is.  I don't know about Clix).
--
+----------------------------------------------------------------+

|   CS Solaris Systems Support Group, Iowa State University      |
+----------------------------------------------------------------+
 
 
 

Allowing root rsh

Post by w » Tue, 15 Mar 1994 00:39:52




>>        I have a sparc classic with solaris.  How can I enable
>>        root rsh from other machines?
>It soulds as though this particular solaris is like Clix on
>our Intergraph workstations: if you want to log in as root,
>you _MUST_ log in through the console. Period.

This can be configured by your syadmin. Have a look at /etc/default/login.

Wolfgang



"UNIX was not designed to stop you from doing stupid things,  because
that would  also stop you from doing clever things."     -- Doug Gwyn

 
 
 

Allowing root rsh

Post by Erwin Fri » Wed, 16 Mar 1994 11:43:34



Quote:>    I have a sparc classic with solaris.  How can I enable
>    root rsh from other machines?
>    I've tried .rhost and hosts.equiv.  I can rsh to other
>    sparc2's.
>    Sometimes it says "not on console Connection closed"
>    and other times just "Connection closed".

Your problem must be elsewhere.  I 'rsh' from one machine to another with no problem
and the only special thing I did was to set up a .rhosts file.  Of course, I'm running
IRIX 4.0.5.H, so maybe your OS treats things differently than mine.

--

 
 
 

Allowing root rsh

Post by Scott A. Cleme » Mon, 21 Mar 1994 12:15:15





>>        I have a sparc classic with solaris.  How can I enable
>>        root rsh from other machines?

>>        I've tried .rhost and hosts.equiv.  I can rsh to other
>>        sparc2's.

>>        Sometimes it says "not on console Connection closed"
>>        and other times just "Connection closed".

>>--

>It soulds as though this particular solaris is like Clix on
>our Intergraph workstations: if you want to log in as root,
>you _MUST_ log in through the console. Period.

>--
>+----------------------------------------------------------------------
>| Mike Andrews                                                        |


>|--------------------------------+------------------------------------+
>| Mgr., Tech. Support            |   (405) 521-4197 (my desk)         |
>| Data Services Division         |   0730-1630 Central (U.S.)         |
>| Okla. Dept. of Transportation  |   (405) 521-4195 (help desk)       |
>| 200 N. E. 21st. St.            |   0700-1700 Central (U.S.)         |
>| Okla. City, OK 73105           |                                    |
>+--------------------------------+------------------------------------+

The above is incorrect.  In order to enable remote login as root you must
first edit the file /etc/default/login.  The line that starts with  
"CONSOLE" needs to be commented out.  This is a default for all SV4
operating systems.  The only thing you did not mention was the the
/etc/hosts files also contain each others hosts and ip address.  But
I just assume that was done.  If this don't work , send me a note
and I would be glad to help.


Manager - Tech Support
(314) 340-0602

 
 
 

Allowing root rsh

Post by J.C. Webber I » Mon, 21 Mar 1994 23:18:07






>>>        I have a sparc classic with solaris.  How can I enable
>>>        root rsh from other machines?
>>>        I've tried .rhost and hosts.equiv.  I can rsh to other
>>>        sparc2's.

>>>        Sometimes it says "not on console Connection closed"
>>>        and other times just "Connection closed".

>>>--

->>It soulds as though this particular solaris is like Clix on
->>our Intergraph workstations: if you want to log in as root,
->>you _MUST_ log in through the console. Period.

->Naw, you just have to edit /etc/default/login and comment out the
->CONSOLE line (or add the ptys from which you wish to allow root login).
->(for Solaris, that is.  I don't know about Clix).

No, you should probably leave CONSOLE alone.  Try commenting out
ROOTCONSOLE instead.  Works for us here at MTI....
--


Silicon Graphics, Inc.          Tel (415)390-4120       Fax (415)390-6174
"Comparing Dos to UNIX is like comparing a mix-master to a chef's kitchen"

 
 
 

Allowing root rsh

Post by Scott A. Cleme » Mon, 21 Mar 1994 08:57:51





>>:       I have a sparc classic with solaris.  How can I enable
>>:       root rsh from other machines?

>>The "not on system console" message probably indicates that the system
>>you are trying to log into as root doesn't trust root logins from network
>>terminals.  This is controlled in various files on different unix systems
>>(/etc/ttys, /etc/ttydefs, or /etc/ttytab).  I think the ttytab file is
>>one of the more popular places for it.  A look into the ttytab file on
>>one of our SUN4.1.1 systems shows that we only trust console root logins.

>Wrong. SunOS 4.x is BSD, while Solaris (SunOS 5.x)  is  SVR4  (or
>some   kind   of,   at   least   :-(  ).  Just  have  a  look  at
>/etc/default/login - the comments explain what you want to know.

>Wolfgang



>"The question  of whether a computer can  think  is no more interesting
>than the question of whether a submarine can swim" (Edsgar W. Dijkstra)

I would like to add a bit more detail.  This is the default for all SV4
operating systems - not just Solaris.  Since Solaris 2.x is SV4 it also
has this feature.  Under the directory /etc/default are the system default
files.  In the file "login" there  is a line starting with "CONSOLE".  This
is the line that needs to be commented out.  If you look on your sunos4.X
machines - this is handled in the /etc/ttytab file.  


Manager - Technical Support
(314) 340-0602

 
 
 

Allowing root rsh

Post by Jon Hamilt » Tue, 22 Mar 1994 13:37:28







>>>>        I have a sparc classic with solaris.  How can I enable
>>>>        root rsh from other machines?

[...]

Quote:>->>It soulds as though this particular solaris is like Clix on
>->>our Intergraph workstations: if you want to log in as root,
>->>you _MUST_ log in through the console. Period.
>->Naw, you just have to edit /etc/default/login and comment out the
>->CONSOLE line (or add the ptys from which you wish to allow root login).
>->(for Solaris, that is.  I don't know about Clix).
>No, you should probably leave CONSOLE alone.  Try commenting out
>ROOTCONSOLE instead.  Works for us here at MTI....

There being no ROOTCONSOLE line in Solaris, that's bad advice :)

From the Solaris 2.3 login(1) man page:

DIAGNOSTICS
     Login incorrect     The user name or the password cannot  be
                         matched.

     Not on system console
                         Root login denied.   Check  the  CONSOLE
                         setting in /etc/default/login.

The question was, after all, specifically Solaris.  I don't think
ROOTCONSOLE is a regular SVR4 thing, but I could be wrong.

Followups redirected to comp.unix.admin.
--
+----------------------------------------------------------------+

|   CS Solaris Systems Support Group, Iowa State University      |
+----------------------------------------------------------------+

 
 
 

1. Any way to allow root rsh/rlogin in RH6.0??

Hello,

        I have a few boxes on a private network for running some batch jobs
where security is not a concern. Is there a way to allow root access via
telnet, rsh and rlogin?

        I have tried modifying files in /etc/pam.d as well as /etc/securettys
and creating a .rhosts file in /root and nothing seems to work. I know this is
absurd from a security standpoint but the boxes are on their own lan.

Thanks,

Will

2. Customising tcsh Prompt

3. Allowing root to rsh

4. Strange mount entries

5. allowing root of another machine to rsh in ?

6. Tracing memory access

7. allowing root to rsh in

8. --> Why won't my window resize correctly? <--

9. How do you allow root to rsh/rcp/rlogin/etc?

10. allowing root to rsh

11. Allowing root a rsh

12. rsh as root - no password - /.rhosts or /root/.rhosts doesn't work?

13. rsh root but no root remote login...