On Wed, Jan 21, 2009 at 12:18 PM, Jan Iven <[log in to unmask]> wrote:
> rsh and rlogin use two different ports (513, 514), check whether the
> appropriate holes are in your server firewall (/etc/syconfig/iptables).
> Then make sure the client accepts the callback traffic (on some random
> port) from the server.

Thanks for the input. The problem was that the random port was
blocked. A google of red hat rsh pages suggested a range of 1016-1022.
Manually unblocking these ports enabled rsh to work at least for a
quick test. Not that I know anything about the subject but I thought
high port numbers were supposed to be unblocked for uses like this?

> And then forget about it and use ssh :-) , unless you'll never have any
> untrusted machine on your network..

Ssh is used to connect to the host. The computational nodes can see no
untrusted machines and as much security as possible is turned off. Our
current task is to get the host to have normal security when accessing
outside without losing the connection to the computational cluster.
Now we have rsh functioning we can at least use the machines to do
some work.

Ssh was sort of working but generating and installing keys for
millions of machine combinations when you are prompted for a password
every time you try to install them was sufficiently difficult to
prompt the reversion to rsh to get some work done. Getting ssh working
more reasonably will now be revisited in a more leisurely manner.