Cross-host remote access to AIX rcp

Rcp usage: transfers files between a local host and a remote host or between two remote hosts. For detailed usage, see man rcp.

Copy the/tmp/work. sh (root user) of the host 10.200.5.200 to the/tmp of the remote host 180.200.3.100. The configuration process is as follows:

1. Add the ip address of the other host to the/etc/hosts file of the two hosts <---> hostname ing

Add a line in/etc/hosts of 10.200.5.200: 180.200.3.100 AIX432

Add a line in/etc/hosts of 180.200.3.100: 10.200.5.200 AIX53

2. Add the following content to the. rhosts file in the root user's home directory of the two hosts:

Add "AIX432 root" to root $ HOME/. rhosts of 10.200.5.200

Add "AIX53 root" to "root $ HOME/. rohosts" in 180.200.3.100

3. Remote replication through rcp

Run the following command on the 10.200.5.200 host as the root user:

AIX53 #Rcp/tmp/work. sh AIX432:/tmp # make sure that there is no work. sh file in the AIX432 host/tmp Directory. If yes, it will be automatically overwritten.

To copy a directory (including subdirectories and files) on 10.200.5.200 to a remote host, run the following rcp command:-r

The differences between the/etc/hosts. equiv and $ HOME/. rhosts files are as follows:

First, these two files are related to the trust relationship between hosts, that is, allow users on another machine to rlogin to the local machine without losing the password. But what is the difference between the two files?
Summary:
1. First, the two files are in the same valid format, that is, they can all be in the following format.
Host Name
Host name username
+
2. First, determine what the local machine will do if a remote host wants to rlogin to the local machine.
1) rlogind checks whether the local/etc/passwd has a remote user name. If no user name exists, access is denied.
2) if the local machine/etc/passwd has a remote user name and the user name is not root, check/etc/hosts first. equiv: Check whether the remote host name exists. If yes, access is allowed.
If it is root, skip the etc/hosts. equiv check and only check "~ Home/. rhosts ".
3) If only the remote host name is available in/etc/hosts. equiv, all non-root users on the remote host can log on to the local host without a password.
/Etc/hosts. if a remote host and a user are added to the equiv file, the user (non-root user) on the remote host can use rlogin to log on to all non-root accounts on the local machine, password is not required.
4) If the $ HOME/. rhosts file contains a remote host name, only users with the same name as the. rhosts owner on the remote host will be trusted.
$ HOME /. in the rhosts file, if it is a remote host name + user name, all users on the remote host can log on to the local host, however, the user permissions displayed on the local host correspond to the local user of $ HOME.

Configuration of rsh, rcp, rlogin, and rdist

This article from: http://www-01.ibm.com/support/docview.wss? Uid = csc149f4fd6617be81a548256f78002768da

When using remote commands such as rsh, rcp, rlogin, and rdist, Permission Denied may occur, as shown below:
Rcp 0826-813-permission denied
This document briefly discusses how to solve these problems through debugging, and describes several common debugging methods and processes through examples. The content is applicable to AIX 5L and AIX4.3.
Note:
1. Check the basic settings required for these remote commands.
To configure these remote commands, you must correctly set the. rhosts or hosts. equiv file. Two key points are:
1) confirm relevant file content and permission settings
. Rhosts and hosts. equiv are located in the $ HOME directory and/etc directory respectively. Their permission should be 600. The content should include the name of the host you are using and the user name you are logged on. Note that the host name registered in the file must exactly match the actual host name. These files should exist on the server for remote command operations. See man to get more information about the two files and their required formats.
2) verify that forward and reverse name resolution (forward and reserve name resolution) works properly on both systems, and the resolution results are consistent with what you want. For forward and reverse resolution (forward and reserve nameresolution), you can use the host command to check the host name and IP address. See the following example:
In this example, you want rsh to run the date command as root from a fozzie host to a machine named bert.
On fozzie:
# Rsh bert date
# Rshd: 0826-813 Permission is denied
If a permit rejection error occurs, go to the bert machine to check the file content and permission settings:
# Cat/. rhosts | grep fozzie
# Fozzie root
(The correct. rhosts file contains the host name of the client and the username to be logged in)
# Ls-l/. rhosts
#-Rw ------- (the permission is set to 600, which is also correct! )
The file content and permission settings seem to be correct. What is the problem? Check the name resolution again:
# Cat/etc/netsvc. conf
# Hosts = local, bind4
(The display name resolution will first use the local/etc/hosts, and then the DNS)
# Cat/etc/hosts | grep fozzie
#
(Fozzie is not found in the host file of the local machine. Therefore, bert resolves fozzie through DNS)
# Host fozzie
# Fozzie.austin.ibm.com is 10.1.4.18
# Host 10.1.4.18
# Fozzie.austin.ibm.com is 10.1.4.18
We can see that the fozzie parsed through DNS is actually fozzie.austin.ibm.com, which does not match the fozzie contained in. rhosts. To solve this problem, you can add a fozzie short name by editing/etc/hosts, or edit. rhosts to make fozzie use its long name. To be consistent with/etc/netsvc. conf, edit the/etc/hosts file
# Vi/etc/hosts
Add the following line
10.1.4.18 fozzie
Run the host command again,
# Host fozzie
Fozzie is 10.1.4.18
# Host 10.1.4.18
Fozzie is 10.1.4.18
Return to fozzie now and try rsh again
# Rsh bert date
# Tue May 21 10:16:39 CDT 2004
2. Use the who am I command for debugging
Another useful command for debugging the name resolution function of remote commands is who am I. See the following example:
Example:
Telnet or rlogin from fozzie to bert and then run who am I
# Who am I
# Root pts/0 Sep 21 :18 (10.1.4.18)
This shows that the command executor (I-I) is root and the IP address is 10.1.4.18. Bert uses an IP address instead of a name to find fozzie. To run remote commands
This must be reflected in. rhosts. Therefore, the. rhosts file should include:
10.1.4.18 root
3. Other debugging skills
Other related check items may include:
(1) authentication ):
# Lsauthent --> krb5 standard AIX
It may need to be changed to std
# Chauthent-std
# Lsauthent-> Standard AIX
(2) permission for various commands (permissions)
# Ls-al/usr/bin/rsh
-R-sr-xr-x 2 root system 303506 Feb 10/usr/bin/rsh
# Ls-l/usr/sbin/rshd
-R-sr-xr -- 1 root system 24556 Feb 10/usr/sbin/rshd
# Ls-l/usr/bin/rcp
-R-sr-xr-x 1 root system 319972 Apr 08 2001/usr/bin/rcp
# Ls-al/usr/bin/rlogin
-R-sr-xr-x 1 root bin 306328 Apr 10 2002/usr/bin/rlogin
# Ls-al/usr/sbin/rlogind
-R-sr-xr -- 1 root system 33864 Jul 17 2002/usr/sbin/rlogind
Except rshd and rlogind are 4554, all other items should be 4555-r-sr-xr-x.

Cross-host remote access to AIX rcp