Executes the specified command at the remote host or logs in to the remote host.
{ rsh | remsh } RemoteHost [ -n ] [ -l User ] [ -f | -F ] [ -k realm ] [ -S ] [ -u ] [ Command ]
Access Files
If you do not specify the -l flag, the local user name is used at the remote host. If -l User is entered, the specified user name is used at the remote host.
Using Standard Authentication
The remote host allows access only if at least one of the following conditions is satisfied:
Although you can set any permissions for the $HOME/.rhosts file, it is recommended that the permissions of the .rhosts file be set to 600 (read and write by owner only).
In addition to the preceding conditions, the rsh command also allows access to the remote host if the remote user account does not have a password defined. However, for security reasons, use of a password on all user accounts is recommended.
For Kerberos 5 Authentication
The remote host allows access only if all of the following conditions are satisfied:
Remote Command Execution
When the remote command is run, pressing the Interrupt, Terminate, or Quit key sequences sends the corresponding signal to the remote process. However, pressing the Stop key sequence stops only the local process. Usually, when the remote command terminates, the local rsh process terminates.
To have shell metacharacters interpreted on the remote host, place the metacharacters inside " " (double quotation marks). Otherwise, the metacharacters are interpreted by the local shell.
When using the rsh command, you can create a link to a path (to which you have permission to write), by using a host name that is specified by the HostName parameter as the link name. For example:
ln -s /usr/bin/rsh HostName
After the link is established, you can specify the HostName parameter and a command that is specified by the Command parameter from the command line. The rsh command remotely runs the command on the remote host. The syntax is:
HostName Command
For example, if you are linked to remote host opus and want to run the date command, enter:
opus date
Because you can not specify the -l User flag, the remote command is successful only if the local user has a user account on the remote host. Otherwise, the rsh command returns a Login incorrect error message. When you specify the HostName parameter without a command, the rsh command calls the rlogin command, which logs you into the remote host. Again, for successful login, the local user must have a user account on the remote host.
For security reasons, any $HOME/.klogin file must be owned by the remote user and only the AIX owner ID has read and write access (permissions = 600) to the .klogin file.
Attention RBAC users and Trusted AIX users: This command can run privileged operations. Only privileged users can run privileged operations. For more information about authorizations and privileges, see Privileged Command Database in Security. For a list of privileges and the authorizations that are associated with this command, see the lssecattr command or the getcmdattr subcommand.
In the following examples, the local host, host1, is listed in the /etc/hosts.equiv file at the remote host, host2.
rsh host2 df
The amount of free disk space
on host2 is displayed on the local system.rsh host2 cat test1 ">>" test2
The
file test1 is appended to test2 on remote host host2.rsh host2 cat test2 >> test3
The
remote file test2 on host2 is appended to the local
file test3.rsh host2 -l jane cat test4 >> test5
The remote file test4 is appended to the local file test5 at the remote host, with user jane's permissions./usr/lpp/ssp/rcmd/bin/rsh r05n07 'export KRBTKTFILE=/tmp/rcmdtkt$$; \
/usr/lpp/ssp/rcmd/bin/rcmdtgt; \
/usr/lpp/ssp/rcmd/bin/rcp /tmp/stuff r05n05:/tmp/stuff;'
The
root user sets the KRBTKTFILE environment variable to the name of
a temporary ticket-cache file and then obtains a service ticket by
issuing the rcmdtgt command. The rcp uses the service
ticket to authenticate from host r05n07 to host r05n05. Item | Description |
---|---|
$HOME/.klogin | Specifies remote users that can use a local user account. |
/usr/lpp/ssp/rcmd/bin/rsh | Link to AIX Secure /usr/bin/rsh that calls the SP Kerberos 4 rsh routine if applicable. |
/usr/lpp/ssp/rcmd/bin/remsh | Link to AIX Secure /usr/bin/rsh that calls the SP Kerberos 4 rsh routine if applicable. |
Refer to the chapter on security in IBM® Parallel System Support Programs for AIX: Administration Guide for an overview. You can access this publication at the following Web site: http://www.rs6000.ibm.com/resource/aix_resource
Refer to the "RS/6000® SP Files and Other Technical Information" section of IBM Parallel System Support Programs for AIX: Command and Technical Reference for additional Kerberos information. You can access this publication at the following Web site: http://www.rs6000.ibm.com/resource/aix_resource