
rsh server config


RSH server is used to between two os unix or linux server fore sharing users to run comman on the remote server. it ofen used in cluster system.


RSH just can using by client to server,not server to client .

rsh server requier files

rsh server`s rpm

xinet rpm

exp: Red Hat Enterpise Linux 5

rsh client requier files

rsh`s rpm

exp: Red Hat Enterpise Linux 5

How to config

lab Topology

the Topology by http://linux.vbird.org/linux_server/0310telnetssh.php#rsh

RSH server config

1. install RSH server `rpm

rpm -Uvh xinetd-2.3.14-10.el5.i386.rpm
rpm -Uvh rsh-server-0.17-37.el5.i386.rpm

2 modify xinet.d/` files

fiies `s name is rsh rlogin rexec

all above the files ` s " disable = yes " option must be modifyed to "default = no "



[root@rsh ~]# cat /etc/xinetd.d/rsh
# default: on
# description: The rshd server is the server for the rcmd(3) routine and, \
#       consequently, for the rsh(1) program. The server provides \
#       remote execution facilities with authentication based on \
#       privileged port numbers from trusted hosts.
service shell
        socket_type             = stream
        wait                    = no
        user                    = root
        log_on_success          += USERID
        log_on_failure          += USERID
        server                  = /usr/sbin/in.rshd
        disable                 = no

exp: rlogin

[root@rsh ~]# cat /etc/xinetd.d/rlogin
# default: on
# description: rlogind is the server for the rlogin(1) program. The server \
#       provides a remote login facility with authentication based on \
#       privileged port numbers from trusted hosts.
service login
        socket_type             = stream
        wait                    = no
        user                    = root
        log_on_success          += USERID
        log_on_failure          += USERID
        server                  = /usr/sbin/in.rlogind
        disable                 = no

exp : rexec

[root@rsh ~]# cat /etc/xinetd.d/rexec
# default: off
# description: Rexecd is the server for the rexec(3) routine. The server \
#       provides remote execution facilities with authentication based \
#       on user names and passwords.
service exec
        socket_type             = stream
        wait                    = no
        user                    = root
        log_on_success          += USERID
        log_on_failure          += USERID
        server                  = /usr/sbin/in.rexecd
        disable                 = no

2 Add RSH server`s and RSH client`s hosts informations

RSH server `s host files

exp :

[root@rsh ~]# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.               localhost.localdomain localhost
::1             localhost6.localdomain6 localhost6 rsh.server rsh rsh.client rsh
(rsh.client是rsh client的hostname,rsh.server是rsh server的hostname)
RSH client`s host files


[root@rsh ~]# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.               localhost.localdomain localhost
::1             localhost6.localdomain6 localhost6 rsh.server rsh

3 Add the RSH client login informations

files`s name and location is /etc/hosts.equiv


[root@rsh ~]# cat /etc/hosts.equiv
rsh.client root
rsh.client rsh(rsh是用户名,client和server都有)

4 Add the RSH client`s login user for RSH server

Add the .rhosts file to the user `s document which RSH client   login.
rsh.client root
rsh.client rsh rsh root

exp :

[root@rsh ~]# ls -la
total 132
drwxr-x--- 4 root root 4096 Jun 22 23:00 .
drwxr-xr-x 23 root root 4096 Jun 22 22:41 ..
-rw------- 1 root root   849 Jun 20 22:40 anaconda-ks.cfg
-rw------- 1 root root 1957 Jun 22 22:39 .bash_history
-rw-r--r-- 1 root root    24 Jan 6 2007 .bash_logout
-rw-r--r-- 1 root root   191 Jan 6 2007 .bash_profile
-rw-r--r-- 1 root root   176 Jan 6 2007 .bashrc
-rw-r--r-- 1 root root   100 Jan 6 2007 .cshrc
drwx------ 3 root root 4096 Jun 20 22:38 .gconf
drwx------ 2 root root 4096 Jun 20 22:38 .gconfd
-rw-r--r-- 1 root root 18700 Jun 20 22:40 install.log
-rw-r--r-- 1 root root 3859 Jun 20 22:40 install.log.syslog
-rw------- 1 root root    35 Jun 22 22:24 .lesshst
-rw------- 1 root root    30 Jun 22 22:26 .rhosts
-rw-r--r-- 1 root root   129 Jan 6 2007 .tcshrc
-rw------- 1 root root 5230 Jun 22 23:00 .viminfo

modify the .rhosts `s file purview.

chmod 600 .rhosts

5 modify some securety files to allow root can be logined by RSH client.

The securety files `s name is /etc/securetty and /etc/pam.d/rsh,but just modify only one be ok .(两个我都做了)



echo "rexec" >> /etc/securetty

echo "rlogin" >> /etc/securetty

echo "rsh" >> /etc/securetty

exp: pam.d/rsh

[root@rsh ~]# cat /etc/pam.d/rsh
# For root login to succeed here with pam_securetty, "rsh" must be
# listed in /etc/securetty.
auth       required     pam_nologin.so
#auth       required     pam_securetty.so
auth       required     pam_env.so
auth       required     pam_rhosts_auth.so
account    include      system-auth
session    optional     pam_keyinit.so    force revoke
session    include      system-auth

(使用netstat -an | grep 514查看tcp        0      0       *                   LISTEN
如果没有执行/etc/init.d/xinetd restart)
6 RSH client testing

[root@localhost ~]# rsh ls
connect to address port 544: Connection refused
Trying krb4 rsh...
connect to address port 544: Connection refused
trying normal rsh (/usr/bin/rsh)

在安装Red Hat Enterpise Linux 5时,我设置了hostname,ip,dns。

Thank `s vbird`s document http://linux.vbird.org/linux_server/0310telnetssh.php#rsh

