RSH server is used to between two os unix or linux server fore sharing users to run comman on the remote server. it ofen used in cluster system.
Note:
RSH just can using by client to server,not server to client .
rsh server requier files
rsh server`s rpm
xinet rpm
exp: Red Hat Enterpise Linux 5
rsh-server-0.17-37.el5.i386.rpm
xinetd-2.3.14-10.el5.i386.rpm(这2个默认是不安装的,在安装盘中可以找到)
rsh client requier files
rsh`s rpm
exp: Red Hat Enterpise Linux 5
rsh-0.17-37.el5.src.rpm(默认是安装的)
How to config
lab Topology
the Topology by http://linux.vbird.org/linux_server/0310telnetssh.php#rsh
RSH server config
1. install RSH server `rpm
rpm -Uvh xinetd-2.3.14-10.el5.i386.rpm
rpm -Uvh rsh-server-0.17-37.el5.i386.rpm
2 modify xinet.d/` files
fiies `s name is rsh rlogin rexec
all above the files ` s " disable = yes " option must be modifyed to "default = no "
exp:
rsh
[root@rsh ~]# cat /etc/xinetd.d/rsh
# default: on
# description: The rshd server is the server for the rcmd(3) routine and, \
# consequently, for the rsh(1) program. The server provides \
# remote execution facilities with authentication based on \
# privileged port numbers from trusted hosts.
service shell
{
socket_type = stream
wait = no
user = root
log_on_success += USERID
log_on_failure += USERID
server = /usr/sbin/in.rshd
disable = no
}
exp: rlogin
[root@rsh ~]# cat /etc/xinetd.d/rlogin
# default: on
# description: rlogind is the server for the rlogin(1) program. The server \
# provides a remote login facility with authentication based on \
# privileged port numbers from trusted hosts.
service login
{
socket_type = stream
wait = no
user = root
log_on_success += USERID
log_on_failure += USERID
server = /usr/sbin/in.rlogind
disable = no
}
exp : rexec
[root@rsh ~]# cat /etc/xinetd.d/rexec
# default: off
# description: Rexecd is the server for the rexec(3) routine. The server \
# provides remote execution facilities with authentication based \
# on user names and passwords.
service exec
{
socket_type = stream
wait = no
user = root
log_on_success += USERID
log_on_failure += USERID
server = /usr/sbin/in.rexecd
disable = no
}
2 Add RSH server`s and RSH client`s hosts informations
RSH server `s host files
exp :
[root@rsh ~]# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6
10.254.241.251 rsh.server rsh
10.254.241.249 rsh.client rsh
(rsh.client是rsh client的hostname,rsh.server是rsh server的hostname)
RSH client`s host files
exp:
[root@rsh ~]# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6
10.254.241.251 rsh.server rsh
3 Add the RSH client login informations
files`s name and location is /etc/hosts.equiv
exp:
[root@rsh ~]# cat /etc/hosts.equiv
rsh.client root
rsh.client rsh(rsh是用户名,client和server都有)
4 Add the RSH client`s login user for RSH server
Add the .rhosts file to the user `s document which RSH client login.
(.rhosts文件是不存在的需要创建,并添加
rsh.client root
rsh.client rsh
10.254.241.249 rsh
10.254.241.249 root
)
exp :
[root@rsh ~]# ls -la
total 132
drwxr-x--- 4 root root 4096 Jun 22 23:00 .
drwxr-xr-x 23 root root 4096 Jun 22 22:41 ..
-rw------- 1 root root 849 Jun 20 22:40 anaconda-ks.cfg
-rw------- 1 root root 1957 Jun 22 22:39 .bash_history
-rw-r--r-- 1 root root 24 Jan 6 2007 .bash_logout
-rw-r--r-- 1 root root 191 Jan 6 2007 .bash_profile
-rw-r--r-- 1 root root 176 Jan 6 2007 .bashrc
-rw-r--r-- 1 root root 100 Jan 6 2007 .cshrc
drwx------ 3 root root 4096 Jun 20 22:38 .gconf
drwx------ 2 root root 4096 Jun 20 22:38 .gconfd
-rw-r--r-- 1 root root 18700 Jun 20 22:40 install.log
-rw-r--r-- 1 root root 3859 Jun 20 22:40 install.log.syslog
-rw------- 1 root root 35 Jun 22 22:24 .lesshst
-rw------- 1 root root 30 Jun 22 22:26 .rhosts
-rw-r--r-- 1 root root 129 Jan 6 2007 .tcshrc
-rw------- 1 root root 5230 Jun 22 23:00 .viminfo
modify the .rhosts `s file purview.
chmod 600 .rhosts
5 modify some securety files to allow root can be logined by RSH client.
The securety files `s name is /etc/securetty and /etc/pam.d/rsh,but just modify only one be ok .(两个我都做了)
exp:
securetty
echo "rexec" >> /etc/securetty
echo "rlogin" >> /etc/securetty
echo "rsh" >> /etc/securetty
exp: pam.d/rsh
[root@rsh ~]# cat /etc/pam.d/rsh
#%PAM-1.0
# For root login to succeed here with pam_securetty, "rsh" must be
# listed in /etc/securetty.
auth required pam_nologin.so
#auth required pam_securetty.so
auth required pam_env.so
auth required pam_rhosts_auth.so
account include system-auth
session optional pam_keyinit.so force revoke
session include system-auth
(使用netstat -an | grep 514查看tcp 0 0 0.0.0.0:514 0.0.0.0:* LISTEN
如果没有执行/etc/init.d/xinetd restart)
6 RSH client testing
[root@localhost ~]# rsh 172.16.8.23 ls
connect to address 172.16.8.23 port 544: Connection refused
Trying krb4 rsh...
connect to address 172.16.8.23 port 544: Connection refused
trying normal rsh (/usr/bin/rsh)
anaconda-ks.cfg
install.log
install.log.syslog
我使用rsh用户成功,root没有成功。
在安装Red Hat Enterpise Linux 5时,我设置了hostname,ip,dns。
Thank `s vbird`s document http://linux.vbird.org/linux_server/0310telnetssh.php#rsh
- 大小: 21.4 KB
分享到:
相关推荐
- `FallBackToRsh no`和`UseRsh no`:不使用不安全的rsh或rlogin命令。 - `BatchMode no`:不开启批量模式,意味着需要用户交互输入密码。 - `CheckHostIP yes`:检查服务器的IP地址,防止DNS欺骗。 - `...
# apt-get install openssh-server 如果下载失败,可能是由于系统需要更新的缘故,尝试更新一下,就可以了。使用以下命令: # apt-get update 三、 配置 OpenSSH 服务器 配置 OpenSSH 服务器需要修改配置文件,...
rsync -avz --rsh='ssh' $server:$path /local/backup/$server done $config_file ``` 在servers.conf文件中,每一行写入一个服务器的SSH地址和需要备份的路径,如: ``` user@server1.example.com:/data user@...
- **启用方法**:确保`sshd_config`文件中包含`Subsystem sftp /usr/lib/ssh/sftp-server`一行。 - **使用方法**:用户可以通过SFTP客户端工具(如WinSCP)连接服务器,并进行文件的上传和下载。 #### 四、小结 ...
在这个过程中,"openssh-server"是用于安装SSH服务器端,"openssh-client"则是用于安装SSH客户端。 描述部分虽然为空,但我们可以理解为这是关于如何在Ubuntu上设置SSH服务和客户端的指南。 首先,要在Ubuntu上...
配置 OpenSSH 服务器需要安装正确的 RPM 软件包,openssh-server 软件包是必不可少的,并且它依赖于 openssh 软件包的安装与否。OpenSSH 守护进程使用 /etc/ssh/sshd_config 配置文件。Red Hat Linux 9 安装的默认...
先决条件 3 台 CentOS 7 HOSTNAME ...2. CentOS 默认没有启动 ssh 无密登录,去掉 /etc/ssh/sshd_config 其中 2 行的注释,每台服务器都要设置。 RSAAuthentication yes PubkeyAuthentication y
`apt-get install openssh-server` 配置 SSH SSH 的配置都集中在 `/etc/ssh/ssh_config` 文件中。可以使用文本编辑器(如 vi)编辑该文件,添加或改变以下参数: `Host *` `ForwardAgent no` `ForwardX11 no` `...
OpenSSH 是 SSH(Secure SHell)协议的免费开源实现,旨在提供安全、加密的网络连接工具,取代传统的 telnet、ftp、rlogin、rsh 和 rcp 工具。OpenSSH 支持 SSH 协议的版本 1.3、1.5 和 2,而从版本 2.9 开始,默认...
它通常替代了传统的telnet和rsh等明文传输的协议,提高了网络安全。SSH由客户端和服务端两部分组成,客户端用于发起连接请求,服务端则负责响应并处理请求。 **二、SSH环境搭建** 1. **安装OpenSSH**:OpenSSH是SSH...
- **JMX 端口配置**:`-jmxport 8000 -rmiport 1099` 参数用于指定 JMX server 的端口,使得远程监控成为可能。 #### 五、常见问题及解决方案 - **Java 版本问题**:确保安装了正确版本的 Java SDK,且 `JAVA_HOME`...
例如,将远程文件同步到本地,命令为`rsync -v -u -a --delete --rsh=ssh --stats 用户名@主机地址:/路径/文件名 .`;反之,从本地同步到远程,命令类似。 SSH的使用不仅限于文件传输,还可以用于远程执行命令、...
rsync -v -u -a --delete --rsh=ssh --stats username@192.168.0.1:/home/username/remotefile.txt . ``` 反之,将本地文件上传到远程主机也类似,只需将目标路径改为远程主机的路径。这两个命令在使用时需确保SSH...
$sudo apt-get install openssh-server ``` 这将安装 SSH 服务器端。 安装 SSH 客户端 如果你想要安装 SSH 客户端,可以使用以下命令: ``` $sudo apt-get install openssh-client ``` 配置 SSH 服务 安装了 SSH ...
在Linux系统中,可以通过编辑`/etc/sysconfig/network-scripts/ifcfg-eth0`文件或使用`setup`工具或图形界面的`system-config-network`来设置IP地址、子网掩码和网关。 - `ping`测试:通过发送ICMP回显请求来检查...
rsync -avz --progress --delete --rsh="ssh -p 8877" user@server:/home/test C:\SyncFolder ``` 其中: - `-avz`:归档模式,保持文件权限和时间戳,压缩数据传输。 - `--progress`:显示同步进度。 - `--...
传统的网络服务如FTP、Telnet和rsh在传输数据时并未加密,容易受到网络监听和中间人攻击。OpenSSH通过使用公钥/私钥对和加密技术,为远程登录和命令执行提供了安全保障。它还支持自动身份验证,增强了登录过程的安全...