Ok, a little more research has yielded the following. (Oh, btw, I'm still new at this sysadmin thing, so forgive me for not looking at this log file sooner) Here's what /var/log/messages tells me: Jan 24 12:55:51 cpq350 pam_rhosts_auth[5948]: allowed to 2dieck@ncr_4100 as 2die ck Jan 24 12:55:51 cpq350 PAM_pwdb[5948]: (rsh) session opened for user 2dieck by ( uid=0) Jan 24 12:55:53 cpq350 PAM_pwdb[5948]: (rsh) session closed for user 2dieck Jan 24 13:02:16 cpq350 pam_rhosts_auth[6020]: allowed to 2dieck@ncr_4100 as 2die ck Jan 24 13:02:16 cpq350 PAM_pwdb[6020]: (rsh) session opened for user 2dieck by ( uid=0) Jan 24 13:02:16 cpq350 rshd[6021]: can't get stderr port: Resource temporarily u navailable Jan 24 13:02:16 cpq350 inetd[476]: pid 6021: exit status 1 As you can see, at 12:55, the rcp and rsh commands went fine. But, the next one bombs. Also, I got this message from an overnight process that rcp's a file from the fax server to the NCR box: rcmd: socket: All ports in use My questiion now becomes, what can I do to prevent this in the future? Thanks again, Wayne Stout Hantover, Inc. http://www.hantover.com _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
