Hello,

I am having trouble configuring passwordless rsh and rlogin on SLES 11 sp2.

by passwordless, I mean, I use:

Code:
rsh -l root testhost1
and without asking for a password the connection is made and authenticated.

Before I continue I want to set the record straight: I understand the security risks and implecations involved with such a passwordless configuration. I am working in a physically segregated environment with NO physical or wireless connection to the internet or any other part of the outside world. The environment is a research environment and is meant to allow for testing. The developers require passwordless rsh and rlogin as well as ssh, telnet, rsync, and other ways of connecting for the tests that they run. I cannot convince the developers to use a different method, as they are doing research that requires connecting with these different methods as part of the testing and research data they are collecting.

Now that is out of the way, so let me continue.

/etc/xinetd.d/rsh
Code:
# /etc/xinetd.d/rsh
# default: on
# description: The rshd server is the server for the rcmd(3) routine and, \
#       consequently, for the rsh(1) program.  The server provides \
#       remote execution facilities with authentication based on \
#       privileged port numbers from trusted hosts.
service shell
{
        disable = no
        socket_type             = stream
        wait                    = no
        user                    = root
        log_on_success          += USERID
        log_on_failure          += USERID
        server                  = /usr/sbin/in.rshd
}
/etc/xinetd.d/rlogin
Code:
# /etc/xinetd.d/rlogin
# default: on
# description: rlogind is the server for the rlogin(1) program.  The server \
#       provides a remote login facility with authentication based on \
#       privileged port numbers from trusted hosts.
service login
{
        disable = no
        socket_type             = stream
        wait                    = no
        user                    = root
        log_on_success          += USERID
        log_on_failure          += USERID
        server                  = /usr/sbin/in.rlogind
}
/etc/pam.d/rsh
Code:
# /etc/pam.d/rsh
#%PAM-1.0
# For root login to succeed here with pam_securetty, "rsh" must be
# listed in /etc/securetty.
auth       required     pam_nologin.so
auth       required     pam_securetty.so
auth       required     pam_env.so
auth       sufficient   pam_rhosts.so
account    include      password-auth
session    optional     pam_keyinit.so    force revoke
session    required     pam_loginuid.so
session    include      password-auth
/etc/pam.d/rlogin
Code:
# /etc/pam.d/rlogin
#%PAM-1.0
# For root login to succeed here with pam_securetty, "rlogin" must be
# listed in /etc/securetty.
auth       required     pam_nologin.so
auth       required     pam_securetty.so
auth       required     pam_env.so
auth       sufficient   pam_rhosts.so
auth       include      password-auth
account    include      password-auth
password   include      password-auth
session    optional     pam_keyinit.so    force revoke
session    required     pam_loginuid.so
session    include      password-auth
/etc/hosts.equiv
Code:
# hosts.equiv   This file describes the names of the hosts which are
#               to be considered "equivalent", i.e. which are to be
#               trusted enough for allowing rsh(1) commands.
#
# hostname
+ +
/etc/securetty.bak
Code:
#
# This file contains the device names of tty lines (one per line,
# without leading /dev/) on which root is allowed to login.
#
tty1
tty2
tty3
tty4
tty5
tty6
The above is the information I have in the relevent files.

I do not have a /etc/securetty file, but I do have a /etc/securetty.bak file which I also included above.

When I try to connect I use:

Code:
rsh -l root testhost1
and it still asks me for a password.

At this point I am completely stuck. I very much appreciate any assistance with this that can be provided.

Thanks!

-S