On Mon, Jul 7, 2008 at 4:05 PM, John R Pierce <[EMAIL PROTECTED]> wrote:
>
> man ssh-keygen
>
Unfortunately, as with most man pages, this gives the technical
details of how the command works, not so much how to use it in
context.
However, this
(http://rcsg-gsir.imsb-dsgi.nrc-cnrc.gc.ca/documents
On Mon, Jul 7, 2008 at 7:31 PM, MHR <[EMAIL PROTECTED]> wrote:
> If I shut off the firewall on sushi (/etc/init.d/iptables stop), the
> rsh connections all work fine. I need to go research how to read the
> iptables output because right now it's greek to me - I can read the
> letters, but the word
Update:
If I shut off the firewall on sushi (/etc/init.d/iptables stop), the
rsh connections all work fine. I need to go research how to read the
iptables output because right now it's greek to me - I can read the
letters, but the words don't make sense.
(I'm an admitted newbie to networking det
MHR wrote:
This is your problem:
> REJECT all -- 0.0.0.0/00.0.0.0/0
> reject-with icmp-host-prohibited
> I'm not entirely sure what all this means - pls see above. Is that
> what happened?
If you don't need iptables then stop the service and disable it:
chkconfig --level 2345
On Mon, 2008-07-07 at 15:28 -0700, MHR wrote:
> On Mon, Jul 7, 2008 at 3:04 PM, William L. Maltby
> <[EMAIL PROTECTED]> wrote:
> >
> > I figure you've probably checked this already, but is rcpwrappers
> > installed?
>
> No, not on either system (what is rcpwrappers?).
A typoed tcpwrappers <*blus
On Mon, Jul 07, 2008 at 04:00:33PM -0700, MHR wrote:
> On Mon, Jul 7, 2008 at 3:33 PM, Stephen Harris <[EMAIL PROTECTED]> wrote:
> > *grin* switch to using ssh for your CVS connections then and bypass the
> > whole issue. rsh is insecure, anyway!
> >
>
> Yeah, but there are problems with that ap
MHR wrote:
Yeah, but there are problems with that approach. I routinely do mass
cvs commands in loops, like showing all differences between my files
and the repo files, and if there are a lot of them, I don't want to
have to input my password 100+ times
man ssh-keygen
___
On Mon, Jul 7, 2008 at 3:35 PM, nate <[EMAIL PROTECTED]> wrote:
>
> Is there a firewall on sushi? Run iptables -L -n on it, it seems like
> a firewall is blocking the connection.
>
Yes:
[EMAIL PROTECTED] mrichter]# iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source
On Mon, Jul 7, 2008 at 3:33 PM, Stephen Harris <[EMAIL PROTECTED]> wrote:
> On Mon, Jul 07, 2008 at 03:21:04PM -0700, MHR wrote:
>>
>> What's strange (to me) about this is that I can ping and ssh to sushi
>
> *grin* switch to using ssh for your CVS connections then and bypass the
> whole issue. rs
MHR wrote:
> 15:06:00.485527 IP sushi.ocroads.com > khan.sjhtca.com: ICMP host
> sushi.ocroads.com unreachable - admin prohibited, length 68
Is there a firewall on sushi? Run iptables -L -n on it, it seems like
a firewall is blocking the connection.
If you don't have an explicit need for a firew
On Mon, Jul 07, 2008 at 03:21:04PM -0700, MHR wrote:
>
> What's strange (to me) about this is that I can ping and ssh to sushi
*grin* switch to using ssh for your CVS connections then and bypass the
whole issue. rsh is insecure, anyway!
--
rgds
Stephen
On Mon, Jul 07, 2008 at 03:28:00PM -0700, MHR wrote:
> On Mon, Jul 7, 2008 at 3:04 PM, William L. Maltby
> > If so, are hosts.deny and hosts.allow setup good? I suspect
> They're fine. In fact, sushi is in khan's /etc/hosts file explicitly,
> and khan thinks it's on ocroads.com:
hosts.allow and
On Mon, Jul 7, 2008 at 3:04 PM, William L. Maltby
<[EMAIL PROTECTED]> wrote:
>
> I figure you've probably checked this already, but is rcpwrappers
> installed?
No, not on either system (what is rcpwrappers?).
> If so, are hosts.deny and hosts.allow setup good? I suspect
> so - I think I saw you h
On Mon, Jul 7, 2008 at 1:59 PM, Stephen Harris <[EMAIL PROTECTED]> wrote:
> On Mon, Jul 07, 2008 at 01:45:25PM -0700, MHR wrote:
>
> Are you sure there are no firewalls in place that could be blocking access?
> Note that "rsh machine" really calls "rlogin machine" and so talks on
> a different port
On Mon, 2008-07-07 at 16:59 -0400, Stephen Harris wrote:
> On Mon, Jul 07, 2008 at 01:45:25PM -0700, MHR wrote:
>
> > [EMAIL PROTECTED] lane]$ rsh khan ls
> > poll: protocol failure in circuit setup
>
> Are you sure there are no firewalls in place that could be blocking access?
> Note that "rsh
On Mon, Jul 07, 2008 at 01:45:25PM -0700, MHR wrote:
> [EMAIL PROTECTED] lane]$ rsh khan ls
> poll: protocol failure in circuit setup
Are you sure there are no firewalls in place that could be blocking access?
Note that "rsh machine" really calls "rlogin machine" and so talks on
a different port
On Mon, Jul 7, 2008 at 12:13 PM, Stephen Harris <[EMAIL PROTECTED]> wrote:
> On Mon, Jul 07, 2008 at 11:53:42AM -0700, MHR wrote:
>
> This version of rsh is probably /usr/kerberos/bin/rsh (use "type rsh"
> or "which rsh" to verify). Try using /usr/bin/rsh instead.
>
> (the krb5-workstation packag
On Mon, Jul 07, 2008 at 11:53:42AM -0700, MHR wrote:
> $ rsh khan ls
> connect to address 10.24.15.48 port 544: Connection refused
> Trying krb4 rsh...
> connect to address 10.24.15.48 port 544: Connection refused
> trying normal rsh (/usr/bin/rsh)
> poll: protocol failure in circuit setup
This v
On Mon, Jul 7, 2008 at 12:53 PM, MHR <[EMAIL PROTECTED]> wrote:
> Okay, I've narrowed the problem down quite a bit. As previously
> reported, in CentOS 5.2 I get this:
>
Well whyis port 544 and 543 getting connection refused in the logs on
the server? Are you using kerberos? Are the tickets you g
Okay, I've narrowed the problem down quite a bit. As previously
reported, in CentOS 5.2 I get this:
$ cvs log Makefile
poll: protocol failure in circuit setup
cvs [log aborted]: end of file from server (consult above messages if any)
Turns out this is a problem with rsh:
$ rsh khan ls
connect t
20 matches
Mail list logo