Dear SL users,
With the help of people here and other webpages, I finally figured out
the things that I have to do to make rsh work.
This is not a problem directly related to SL because rsh is considered
as an "old internet service" and is not installed with SL in many cases.
However, since I believe that many will use SL as the OS for clusters,
and MPICH will use rsh, so I think it helpful to make a summary here.
Following are what I did to make it work.
1. On every node including the server, modify /etc/hosts.equiv to include
all of the nodes in the cluster (including the server) into the file.
The format can be simply a list of the nicknames of the nodes.
2. On every node including the server, modify /etc/hosts.allow to
make trusted rsh allowed over the cluster.
In my case, the private network has IP 29.1.x.x, so I wrote:
in.rshd: 29.1.0.0/255.255.0.0
3. On the server (which is supposed to be connected to the WAN in some ways),
modify the /etc/hosts.deny file properly to ensure security.
The format is the same as hosts.all.
4. On each node including the server, do the following:
/sbin/chkconfig rsh on
/sbin/chkconfig rlogin on
and then
/sbin/service xinetd restart
Depending on your needs, maybe you would also like to turn rexec before
restarting xinetd.
The above is enough for rsh to work between all nodes on a cluster,
for normal users. However, if you want to make root-rsh possible,
you need to do the following on each node including the server:
1. modify /etc/securetty and make sure that the following two lines are there:
rsh
rlogin
2. Create or modify .rhosts in the home directory of root to include
the nodes from which you may want to do rsh.
I think for SL users these are plenty enough for setting up rsh connection.
However, I still have the same problem asked in the previous post.
Since krb5 is not started, I can only connect via normal rsh
(In the case of SL, it is in /usr/bin/) but in /etc/profile.d/krb5
the system automatically put /usr/kerberos/sbin and /usr/kerberos/bin
at the beginning of the path, in front of /usr/bin.
Therefore, when I tried to do rsh, the krb5 and krb4 versions are tried first.
Is there any good way to modify this setting so that all of the rsh calls
goes to /usr/bin/rsh ?
Thanks for inputs in advance.
Best regards,
Kuo Kan LIANG
Division of Mechanics,
Research Center for Applied Sciences.
Academia Sinica, Taiwan
|