Red Hat Bugzilla – Bug 54387
"rsh host command" does not work.
Last modified: 2015-03-04 20:09:48 EST
[eugene@ekanter03 eugene]$ rsh -l ekanter solaris2.6host initializing for Solaris... % exit % logout rlogin: connection closed. [eugene@ekanter03 eugene]$ rsh -l ekanter solaris2.6host w poll: protocol failure in circuit setup [eugene@ekanter03 eugene]$
I was able to connect both ways between a system with rsh-0.17-5 and unpatched Solaris 2.6 on an Ultra 1. The only time I saw the protocol error was when I had misconfigured inetd (was trying to have the in.rshd run under truss, forgot to include truss in the argument list at the end of the line in the config file), which resulted in the connection being closed immediately. Can you please try running the server end under truss and attaching the output? The inetd.conf line should look something like this: shell stream tcp nowait root /usr/bin/truss truss -o /tmp/rshd.log /usr/sbin/in.rshd
Created attachment 34921 [details] requested log file
after reading log file I figured out that default 7.2 firewall is the problem. I do not understand why. Please investigate. added -l option to ipchans. here is the line from firewall log: Oct 24 16:34:24 ekanter03 kernel: Packet log: input REJECT eth0 PROTO=6 solaris2.6:1023 ekanter03:1021 L=44 S=0x00 I=49543 F=0x4000 T=254 SYN (#1) seems like default firewall setup breaks some rsh functionality.
This is something to be expected. Firewall rules are there to disallow connections, not to allow them. Especially as rsh like telnet is a very insecure protocol to begin with it is very desirable even for low security firewalls to deny the use of this protocol. I'll close this bug as not a bug as it isn't something than can be fixed in rsh. Either reassign it to ipchains/iptables or even anaconda if you think this should be changed or simply open a new bug there. Thanks, Read ya, Phil