LISTSERV - SCIENTIFIC-LINUX-USERS Archives

SCIENTIFIC-LINUX-USERS Archives

October 2005

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-USERS Home
	SCIENTIFIC-LINUX-USERS October 2005

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Summary of rsh settings and further questions
From:	Kuo Kan LIANG <[log in to unmask]>
Reply To:	[log in to unmask]
Date:	Fri, 7 Oct 2005 23:30:39 +0800
Content-Type:	text/plain
Parts/Attachments:	text/plain (68 lines)

Dear SL users,

With the help of people here and other webpages, I finally figured out
the things that I have to do to make rsh work.
This is not a problem directly related to SL because rsh is considered
as an "old internet service" and is not installed with SL in many cases.
However, since I believe that many will use SL as the OS for clusters,
and MPICH will use rsh, so I think it helpful to make a summary here.

Following are what I did to make it work.

1. On every node including the server, modify /etc/hosts.equiv to include
all of the nodes in the cluster (including the server) into the file.
The format can be simply a list of the nicknames of the nodes.

2. On every node including the server, modify /etc/hosts.allow to
make trusted rsh allowed over the cluster.
In my case, the private network has IP 29.1.x.x, so I wrote:

in.rshd: 29.1.0.0/255.255.0.0

3. On the server (which is supposed to be connected to the WAN in some ways),
modify the /etc/hosts.deny file properly to ensure security.
The format is the same as hosts.all.

4. On each node including the server, do the following:

  /sbin/chkconfig rsh on
  /sbin/chkconfig rlogin on

and then

  /sbin/service xinetd restart

Depending on your needs, maybe you would also like to turn rexec before
restarting xinetd.

The above is enough for rsh to work between all nodes on a cluster,
for normal users. However, if you want to make root-rsh possible,
you need to do the following on each node including the server:

1. modify /etc/securetty and make sure that the following two lines are there:

  rsh
  rlogin

2. Create or modify .rhosts in the home directory of root to include
the nodes from which you may want to do rsh.

I think for SL users these are plenty enough for setting up rsh connection.

However, I still have the same problem asked in the previous post.
Since krb5 is not started, I can only connect via normal rsh
(In the case of SL, it is in /usr/bin/) but in /etc/profile.d/krb5
the system automatically put /usr/kerberos/sbin and /usr/kerberos/bin
at the beginning of the path, in front of /usr/bin.
Therefore, when I tried to do rsh, the krb5 and krb4 versions are tried first.
Is there any good way to modify this setting so that all of the rsh calls
goes to /usr/bin/rsh ?

Thanks for inputs in advance.

Best regards,
Kuo Kan LIANG
Division of Mechanics,
Research Center for Applied Sciences.
Academia Sinica, Taiwan

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV