在linux下实现两个节点的rlogin无密码互通
作者:olivenan@hotmail.com
配置ssh无密码互通见:
http://blog.chinaunix.net/u/7121/showart_445404.html1、检查有无安装rsh-server包
[root@racnode1 ~]# rpm -qa rsh-server
2、 安装rsh-server包
[root@racnode1 package]# rpm -ivh rsh-server-0.17-25.4.i386.rpm
warning: rsh-server-0.17-25.4.i386.rpm: V3 DSA signature: NOKEY, key ID b38a8516
Preparing... ########################################### [100%]
1:rsh-server ########################################### [100%]
[root@racnode1 package]#
3、修改cd /etc/xinetd.d/目录下的rlogin,将disable= yes改为disable= no
[root@racnode1 package]# vi /etc/xinetd.d/rlogin
# default: on
# description: rlogind is the server for the rlogin(1) program. The server \
# provides a remote login facility with authentication based on \
# privileged port numbers from trusted hosts.
service login
{
socket_type = stream
wait = no
user = root
log_on_success += USERID
log_on_failure += USERID
server = /usr/sbin/in.rlogind
disable = no
}
4、同样修改cd /etc/xinetd.d/目录下的rsh,将disable= yes改为disable= no
[root@racnode1 package]# vi /etc/xinetd.d/rsh
# default: on
# description: The rshd server is the server for the rcmd(3) routine and, \
# consequently, for the rsh(1) program. The server provides \
# remote execution facilities with authentication based on \
# privileged port numbers from trusted hosts.
service shell
{
socket_type = stream
wait = no
user = root
log_on_success += USERID
log_on_failure += USERID
server = /usr/sbin/in.rshd
disable = no
}
5、重启xinetd服务
[root@racnode1 package]# service xinetd restart
Stopping xinetd: [ OK ]
Starting xinetd: [ OK ]
6、重启xinetd服务
将rexec、rlogin、rsh加入到/etc/securetty
[root@racnode1 ~]# echo "rexec" >> /etc/securetty
[root@racnode1 ~]# echo "rlogin" >> /etc/securetty
[root@racnode1 ~]# echo "rsh" >> /etc/securetty
7、添加/etc/hosts.equiv
vi /etc/hosts.equiv
racnode1
racnode2
priv1
priv2
crs_vip1
crs_vip2
[root@racnode1 package]# vi /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 racnode1 localhost.localdomain localhost
192.168.6.251 racnode1
192.168.6.252 racnode2
10.1.1.1 priv1
10.1.1.2 priv2
192.168.6.253 crs_vip1
192.168.6.254 crs_vip2
~
8、添加.rhosts
[root@racnode1 package]# vi ~/.rhosts
racnode1 root
racnode2 root
priv1 root
priv2 root
~
通过以上配置就可以实现无密码互通了
9、在使用rsh或rlogin到另一个节点时有如下提示:
[root@racnode1 init.d]# rsh racnode2
connect to address 192.168.6.252: Connection refused
Trying krb4 rlogin...
connect to address 192.168.6.252: Connection refused
trying normal rlogin (/usr/bin/rlogin)
Last login: Mon Apr 21 14:36:32 from racnode1
You have new mail.
[root@racnode2 ~]#
[root@racnode1 init.d]# rlogin racnode2
connect to address 192.168.6.252: Connection refused
Trying krb4 rlogin...
connect to address 192.168.6.252: Connection refused
trying normal rlogin (/usr/bin/rlogin)
Last login: Mon Apr 21 14:42:17 from racnode1
You have new mail.
[root@racnode2 ~]#
查看默认rlogin使用的安装包
[root@racnode1 init.d]# rpm -qf `which rlogin`
krb5-workstation-1.3.4-27
[root@racnode1 init.d]#
[root@racnode2 ~]# rpm -qf `which rsh`
krb5-workstation-1.3.4-27
[root@racnode2 ~]#
解决方法:1、将默认的rlogin和rsh改名
[root@racnode2 ~]# which rsh
/usr/kerberos/bin/rsh
[root@racnode2 ~]# mv /usr/kerberos/bin/rsh /usr/kerberos/bin/rsh.original
[root@racnode2 ~]# mv /usr/kerberos/bin/rlogin /usr/kerberos/bin/rlogin.original
[root@racnode2 ~]# mv /usr/kerberos/bin/rcp /usr/kerberos/bin/rcp.original
[root@racnode2 ~]#
2、删除包krb5-workstation-1.3.4-27
[root@racnode2 ~]# rpm -e krb5-workstation-1.3.4-27
阅读(3657) | 评论(0) | 转发(0) |
