[Beowulf] passwordless rsh/ssh

[David Mathog]

> Ok, on the local machine (the linux box), as user fred, can you
> 
> 	rsh localhost uname

No, that does not work, not for root either.  However doing

 rsh machinename uname

does work for either user. Note this was done on one of the
target machines, the head node does not run rsh and so it
could not be tested there.

> 
> ?   If you cannot, what are the permissions on your .rhosts file? 
> Should be 600.

They are.

> 
> Next, what are the contents?

Hmm, nothing specific for root -> root for localhost.  Added

localhost root

to /root/.rhosts and now "rsh localhost uname" works for that account.
Oddly adding localhost to /etc/hosts.equiv did not have the same
effect.

Putting just 

localhost

in ~fred/.rhosts did not get the 

  rsh -l fred machinename uname  #as root

working, neither did adding

localhost fred
localhost root


> 
> Finally, we want to look at the /etc/pam.d/rsh and /etc/pam.d/rlogin. 
> You should have a line in there which reads
> 
> 	auth       sufficient   pam_rhosts_auth.so
The two files are indentical and contain:

auth       required     pam_nologin.so
auth       required     pam_securetty.so
auth       required     pam_env.so
auth       required     pam_rhosts_auth.so
account    required     pam_stack.so service=system-auth
session    required     pam_stack.so service=system-auth

That seems to be enough to login without a password from
one same named account to another.  Not good enough for rsh
-l to work though.

Thanks,

David Mathog
mathog at caltech.edu
Manager, Sequence Analysis Facility, Biology Division, Caltech