1

I have two hosts with Red Hat 7.4 , HostA and HostB.
The rsh-server and rsh packages was installed in both.
At both hosts, the rsh deamon was activated, the commands rsh,rlogin,rexec was added to /etc/securetty, at /etc/hosts.equiv the HostA and HostB was added.

From hostA, with root, when I run rsh hostb, connects successfully without ask password.
From hostA, with any other user, give the error : rcmd: socket: Permission denied.

From hostB, with root, when I run rsh hosta, connects successfully without ask password.
From hostB, with any other user, connects successfully without ask password.

I already try add the set bit : chmod +a $(which rsh) , but have no effect. The SELINUX is disabled on both hosts.
The firewall is disabled on both hosts.

ceinmart
  • 501
  • 1
  • 6
  • 17
  • 1
    Try giving rsh and the user `CAP_NET_ADMIN` or `CAP_NET_BIND_SERVICE` (see https://stackoverflow.com/questions/1956732/is-it-possible-to-configure-linux-capabilities-per-user/17685265#17685265 for more info) – John Militer Feb 26 '18 at 15:17
  • I update my question with more details. As you can see they work only from one host to another, but not the inverse. – ceinmart Feb 26 '18 at 15:33
  • be sure that `rsh` is not `ssh` in disguise, from memory access control is set by `host.allow`/`host.deny` and `.rhosts` in `$HOME` dir. – Archemar Feb 26 '18 at 15:35

1 Answers1

2

I got this solved.
But unfortunately I do not discover why this happen.

When I run at hostA :

# getcap /bin/rsh

They return nothing.
At hostB they return :

getcap /bin/rsh
/bin/rsh = cap_net_bind_service+ep

I just remove the package and reinstalled using yum and then they get the permissions.

But why that occur at first ? What is missing at first time it was installed ? Weird.

ceinmart
  • 501
  • 1
  • 6
  • 17