OK.

Jamie Rishaw jamie at intuition.iagnet.net
Sat Oct 25 17:19:07 UTC 1997


Todd R. Stroup wrote:
> 
> Looking at the source for the looking-glass though it doesn't use the
> username option for rsh command.  When useing the cisco command below 
> don't you have to use the rsh username?
> 
>  ip rcmd remote-host www 206.183.224.12 nobody
> 
> I changed the ip of the $ROUTER in lg.pl to 
> 	"www\@ipaddress.of.router"  instead of "ipaddress.of.router"
> which seems to work.  I kept getting Permission Denied without it.

You need to make sure that in 'ip rcmd' that you have local-username
defined to something that there is a 'username xxx' entry on the cisco for.

In other words, if you have (sorry syntax is probably not correct):

ip rcmd remote-host joebob lookingglass.yourcompany.com daemon enable

you have to have a

'username joebob' entry on the cisco as well.

local-username means "apply the permissions of local-username when this rsh
matches"

and remote-username is the userid of whatever your cgi-bin runs as.. if your
web server is setuid "daemon" and cgi-bins are daemon, it will only work
if you have 'daemon' as a remote-username in the ip rcmd command.

HTH,

-jamie
-- 
jamie g.k. rishaw  dal/efnet:gavroche  __    IAGnet/CICNet/netILLINOIS Netops
DID:216.902.5455 FAX:216.623.3566      \/            800.637.4IAGx5455
"It's like im being tied to the hood of a yellow rental truck being packed in
with fertilizer and fuel oil.. pushed over a cliff by a suicidal mickey mouse."



More information about the NANOG mailing list