[nSLUG] rsh(1) as root

Mike Spencer mspencer at tallships.ca
Wed Feb 26 22:49:53 AST 2014


Executive summary: Solution found with NSLUG help.

Leaving aside the security comments,

Ben, Vlado and Dave Flogeras all asked:

b+v+d> Was "rsh -l user nudel date" among those things?

Yes. The manpage says that's how to do it. Still get "Permission denied".

Vlado wrote:

v> For synchronizing time, I would try to use the standard NTP protocol.
v> With internet connection.[....]
v> 
v> /usr/sbin/ntpdate time.nrc.ca.

That's how I keep my main box up to date episodically when dialed up.

v> /usr/sbin/hwclock --systohc

Don't know about that. I'll have to look it up, tnx. But doesn't
address the point in hand. I've avoided messing with hwclock hitherto.

> Without Internet connection, this would require running NTP server
> on your main machine.

Doable, of course, but *accurate* time on my several peripheral
machines that often sit unused for days or weeks isn't important
enough to go to a lot of trouble.

Donald wrote:

dgt> Is there a problem running ntpd, like no Internet?

Right. Main box does dialup, gets occasionally updated with ntpdate
from time.nrc.ca. I don't have the necessary stuff set up to allow
the other machines hanging off the LAN router to connect to the net
through the main box.

George wrote:

gnw> Historically, the ntp "reference" implementation did not get
gnw> along well with intermittent connections, which is one of the
gnw> reasons "chrony" was created

I was running chrony on my previous Slackware installation. After the
upgrade, it didn't work as expected and I never got around to figuring
it out.  Now using ntpdate whenever I happen to think of it.

Norm wrote:

n> Did you by chance try rdate?
n>
n> # rdate -s nudel

Hmmm.  Don't have rdate. But lessee, googling around... that gets a
binary date from port 35, RFC 868. But wait, RFC 867 says you can get
date as a text string from port 13 (daytime).  I can temporarily
enable that in /etc/inetd.conf on nudel (which has the right time),
access it from grody with:

grody-root% date -s "`telnet nudel 13 2> /dev/null |grep 2014`"

and disable daytime again on nudel.

Works like a charm. Good. Thanks for the pointer.

Monte wrote:

> Sounds like a job for clockspeed.
> http://cr.yp.to/clockspeed.html

Noted for future reference but the above seems to be adequate &
simpler.

With regard to the original, failed method, Dop wrote:

dop> Have you got a .rhosts correctly configured in root at nudel~/.rhosts? 

No. /etc/hosts, hosts.equiv and hosts.allow on all local machines
contain the relevants entries for the other local machines and
everything usually works as expected. That didn't help with the
rsh-as-root problem.


<YARN>

I do know about .rhosts because in the early 90s, I had a guest
account on a Dal Unix machine. One day a student, a Unix newbie, asked
me for help with some Unix thing and remarked that Some Other Guy, no
connection to Dal, had instructed him to create an .rhosts file so
that SOG could log into his account and help him anytime. After
reading the relevant manpages, I mentioned it to the sys admin who,
reasonably I thought, became quite agitated.  SOG has since gone on to
an IT career in NS but his little incursion trick left me not trusting
him unreservedly.

</YARN>


Thanks, all,
- Mike

-- 
Michael Spencer                  Nova Scotia, Canada       .~. 
                                                           /V\ 
mspencer at tallships.ca                                     /( )\
http://home.tallships.ca/mspencer/                        ^^-^^


More information about the nSLUG mailing list