Configuring rshd on Mandrake 8.1!!!


pinolino
01-17-2002, 06:08 AM
I don't know how to configure rshd to receive commands from remote root. I do everything I always do on every other distribution that I use, but the message is "Permission denied"!
I want to specify that:
- rlogin WORKS WELL!
- I have not installed a firewall!
- From /usr/log/messages I understand that PAM permission is passed but......
"Permission denied"

furrycat
01-17-2002, 08:56 PM
Do NOT use rsh. Use ssh instead.

That said, if you really want to use rsh (it's a VERY BAD IDEA as it's completely insecure) then you could try looking into the PAM configuration for rsh (not rlogin). With PAM, submitting the right password is not necessarily sufficient to use the service.

My PAM experience is limited so I can't say much more. You SHOULD NOT use rsh anyway.

pinolino
01-23-2002, 03:45 AM
Thank you!
I have resolved my problems by taking out the pam_securetty authentication! I think that this module doesn't work well.

furrycat
01-23-2002, 09:37 PM
I very much doubt that it "doesn't work well."

securetty means you can only log in on a tty listed in (wait for it) /etc/securetty. By default /dev/console and /dev/tty1 up to /dev/tty6 will be in there, meaning you can log in from the local machine (VTs 1 to 6).

To allow rsh access you'd need to add /dev/pts/0 up to /dev/pts/X where X is the maximum number of remote connections you'd like.

Once again: DO NOT USE rsh.

pinolino
01-28-2002, 07:18 AM
OK. I must use rshd because it is in use on about 10 servers that are not physically accessible from any other LAN in our project! I think your method of configuring /etc/securetty is good only for allowing root login via telnetd. To allow rshd login, I read in the /pam/rsh config file that I must write in securetty
"rsh"
and ...pay attention! On RedHat7.2 this works well. I don't know why it doesn't work on my Mandrake 8.1. Thank you anyway.

furrycat
01-28-2002, 08:39 AM
Well if you've found the rsh PAM config file you can just disable securetty and isolate that part of the problem.

Might as well just disable passwords altogether. Anyone on your network can sniff them.

pinolino
01-29-2002, 04:43 AM
Thank you.