On Wed, 3 Feb 1999, Tuan Hoang wrote:
> Hi,
>
> I'm having problems rcp'ing to my Linux machine.
> It's running Slackware 3.6 and kernel 2.2.1.
> I can't seem to rcp from another machine (Solaris x86 and/or Linux).
> I keep get the string "Where are you?" on the client machine.
> What really boggles me is that rsh and rlogin work fine.
> (rsh gives "Where are you?" on a line before executing the command.)
>
> I have my /etc/hosts.equiv setup with the hostnames of equivalent hosts
> and my .rhosts set with the hostnames and my user name next to each on.
>
> Am I missing anything?
> Attached is a tcpdump of my failed attempt at
> "rcp optimus:/tmp/dmesg.txt ."
Just from the symptoms, I'd check if reverse DNS works on the linux
machine. After logging in, try who am i, to see if it has a valid
hostname. Setting reverse DNS is often screwed up for various reasons.
It might by your machine does not have such an entry (because your are
not in the internet). Maybe you can add it to /etc/hosts than (and add a
search to hosts to /etc/resolv.conf).
rshd and stuff only get the ip from the kernel and search a name to parse
for in /etc/hosts.equiv and ~/.rhosts. You could also try to add the IP
address in /etc/hosts.equiv and ~/.rhosts.
Also: can you login with rsh/rlogin WITHOUT entering a password? This is a
must, otherwise rcp cannot work.
Finally, apart from being unable to resolve your IP to a hostname, rshd
also checks if the hostname found for the IP, does in return resolve to
the IP (it can have several IP's attached, but one must be the one you are
in from). This consistency check does catch DNS spoofing attacks (well
some). If an inconsistency is found, most rshd's just reject the whole
session for security reasons (with the Where are you? error), regardless
of hosts.equiv and stuff.
Try checking DNS and reverse DNS with nslookup on the rcp target machine.
Michael.
--
Michael Weller: [EMAIL PROTECTED], [EMAIL PROTECTED],
or even [EMAIL PROTECTED] If you encounter an eowmob account on
any machine in the net, it's very likely it's me.
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
