[Beowulf] passwordless rsh/ssh
David Mathog
mathog at mendel.bio.caltech.edu
Wed Jun 22 15:59:08 PDT 2005
> Ok, on the local machine (the linux box), as user fred, can you
>
> rsh localhost uname
No, that does not work, not for root either. However doing
rsh machinename uname
does work for either user. Note this was done on one of the
target machines, the head node does not run rsh and so it
could not be tested there.
>
> ? If you cannot, what are the permissions on your .rhosts file?
> Should be 600.
They are.
>
> Next, what are the contents?
Hmm, nothing specific for root -> root for localhost. Added
localhost root
to /root/.rhosts and now "rsh localhost uname" works for that account.
Oddly adding localhost to /etc/hosts.equiv did not have the same
effect.
Putting just
localhost
in ~fred/.rhosts did not get the
rsh -l fred machinename uname #as root
working, neither did adding
localhost fred
localhost root
>
> Finally, we want to look at the /etc/pam.d/rsh and /etc/pam.d/rlogin.
> You should have a line in there which reads
>
> auth sufficient pam_rhosts_auth.so
The two files are indentical and contain:
auth required pam_nologin.so
auth required pam_securetty.so
auth required pam_env.so
auth required pam_rhosts_auth.so
account required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
That seems to be enough to login without a password from
one same named account to another. Not good enough for rsh
-l to work though.
Thanks,
David Mathog
mathog at caltech.edu
Manager, Sequence Analysis Facility, Biology Division, Caltech
More information about the Beowulf
mailing list