This really depends on what kind of functionality you need. _But_ you could simply make /usr/bin/rsh a symlink to /usr/bin/ssh and make sure "ssh machine ls" works - the easiest way to get that to work is to run "ssk-keygen -t dsa" on the client and copy the resultant ~/.ssh/id_dsa.pub into the servers ~/.ssh/authorized_keys and make sure the server has RSAAuthentication yes in /etc/ssh/sshd_config
although, this of course depends on what actual functionality of rsh/rlogin/rexec you need (ie. commandline switches and whether you actually need rlogin)...
Cheers, MaZe
On Wed, 25 May 2005, Olaf Greve wrote:
Hi,
For a project at work we are currently installing a distributed software development platform which has been developed years ago. All swell, of course, but the issue is that it depends on rsh for remote application invocation.
Now... I have always been taught that rsh, rlogin and rexec are BAD and that one should really stick to SSH only.
Unfortunately, I do not have enough time to completely patch over the platform such that it will use SSH (and frankly, that's really a task the official developers should perform!), so, I'd like to temporarily enable rsh.
Now, I did some quick RTFM-ing and checking in Google, and it looks like this is provided by xinetd.
From Gnome's services menu I have enabled rsh (and hence xinetd), but I do not yet seem to be able to remotely perform something like "rsh <machine name> ls". It just says "permission denied". Good. No problem. In fact, this is probably good. ;)
So, to proceed with this the proper way, can anyone tell me how I can properly configure rsh such that I do not compromise system security too much (note: I am behind a firewall and my machine is not accessible in any way from the outside world, so there is not all too much concern in opening up rsh, even with root access)?
Also, on a more general note: I'm not familiar yet with proper PAM concepts and configuration. Does anyone know a good (and preferrably not all too long) reference guide with which I can quickly and properly familiarise myself with the concepts and the proper way of configuring it?
Tnx in advance, and cheers! Olafo _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos