rshd (8)
NAME
rshd
- remote shell server
SYNOPSIS
[-
aiklnvxPL
]
[-
p port
]
DESCRIPTION
is the server for
the
rsh(1)
program. It provides an authenticated remote command execution
service. Supported options are:
-
-n
--no-keepalive
-
- Disables keep-alive messages.
Keep-alives are packets sent at certain intervals to make sure that the
client is still there, even when it doesn't send any data.
-
-k
--kerberos
-
- Assume that clients connecting to this server will use some form of
Kerberos authentication. See the
Sx EXAMPLES
section for a sample
inetd.conf5
configuration.
-
-x
--encrypt
-
- For Kerberos 4 this means that the connections are encrypted. Kerberos
5 can negotiate encryption even without this option, but if it's
present
will deny unencrypted connections. This option implies
-k
-
-v
--vacuous
-
- If the connecting client does not use any Kerberised authentication,
print a message that complains about this fact, and exit. This is
helpful if you want to move away from old port-based authentication.
-
-P
-
- When using the AFS filesystem, users' authentication tokens are put in
something called a PAG (Process Authentication Group). Multiple
processes can share a PAG, but normally each login session has its own
PAG. This option disables the
Fn setpag
call, so all tokens will be put in the default (uid-based) PAG, making
it possible to share tokens between sessions. This is only useful in
peculiar environments, such as some batch systems.
-
-i
--no-inetd
-
- The
-i
option will cause
to create a socket, instead of assuming that its stdin came from
inetd(8).
This is mostly useful for debugging.
-
-p port
--port= port
-
- Port to use with
-i
-
-a
-
- This flag is for backwards compatibility only.
-
-L
-
- This flag enables logging of connections to
syslogd(8).
This option is always on in this implementation.
FILES
- /etc/hosts.equiv
-
- ~/.rhosts
-
EXAMPLES
The following can be used to enable Kerberised rsh in
inetd.cond5,
while disabling non-Kerberised connections:
shell stream tcp nowait root /usr/libexec/rshd rshd -v
kshell stream tcp nowait root /usr/libexec/rshd rshd -k
ekshell stream tcp nowait root /usr/libexec/rshd rshd -kx
SEE ALSO
rsh(1),
iruserok(3)
HISTORY
The
command appeared in
BSD 4.2
AUTHORS
This implementation of
was written as part of the Heimdal Kerberos 5 implementation.
![assorted[chips]](/wp-content/themes/codetools-2016child/images/assortedchips_logo_black.png){kind=logo}