02-01-2011
RSH
Aside from what you already know (RSH bad, Mongo not use! Eat SSH instead.) the better way to secure RSH is to combine hosts.allow and hosts.deny so that only the AUTHORIZED stations can use it and NOTHING else. Deny should be the DEFAULT, and you want to only allow those you must.
Not askin', but sure wondering what would force the issue.
Good luck!
9 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
I have a need to allow only certain IP addresses to access a machine running solaris 9. I am not sure how this can be accomplished.
Thanks in advance for your help.
Patch (2 Replies)
Discussion started by: patch
2 Replies
2. Programming
Hi All
I have a structure pointer and setting that pointer as NULL. When i tried to access the elements in the structure i am getting the error message.
"Cannot access memory at address 0x8". This i tried in LINUX.
When the same program is tried thro UNIX (HP-UX), i am not getting the message... (8 Replies)
Discussion started by: rkraj
8 Replies
3. UNIX for Advanced & Expert Users
Can kernel process access user address space ? (2 Replies)
Discussion started by: subhotech
2 Replies
4. Shell Programming and Scripting
Hi,
I need to block a ip address without logging to the server not for a single server for more number of servers. I use the tool " apf" to block an ip
apf -d <Ipaddress>
Is this can be done with the shell script.? (10 Replies)
Discussion started by: gsiva
10 Replies
5. Cybersecurity
HI,
I'm doing a research on client/server connection. I need to run the server code to open socket connection with the client code. To make the test real, I need to run the server code from a a machine far away from the client over the Internet. IN ORDER TO RUN THE CODE, the client has to know the... (3 Replies)
Discussion started by: ENG_MOHD
3 Replies
6. Solaris
We want to disable graphical logins on our Solaris 10(64bit sparc )boxes, but I haven't found any information on how to do it via google. Most likely I am using the wrong search terms (i've been looking for "xdmcp" and "x11" "disable") .
While looking through the output of "svcs -a | grep... (3 Replies)
Discussion started by: the.gooch
3 Replies
7. What is on Your Mind?
Hello Everyone,
We plan to restrict all RSS news feed access soon based on IP address. This means that if you have a website or application that using our site RSS feeds, you can still do it; but your must register you site in this thread.
So please reply with your IP address of your server... (7 Replies)
Discussion started by: Neo
7 Replies
8. Post Here to Contact Site Administrators and Moderators
Hello Everyone,
We now (only) permit access to our RSS news feed access based on IP address. This means that if you have a website or application that using our site RSS feeds, you can still do it; but your must register you site in this thread.
So please reply with your IP address of your... (9 Replies)
Discussion started by: Neo
9 Replies
9. IP Networking
Hello all,
I am trying to receive (tcp/udp/sctp) traffic from all IPs and, eventually, all ports of an IPv6 address block using as few sockets as possible short of implementing my own network stack.
One possible solution was to associate an IP block to an interface then bind to that... (6 Replies)
Discussion started by: redwil
6 Replies
RSH(1) BSD General Commands Manual RSH(1)
NAME
rsh -- remote shell
SYNOPSIS
rsh [-46dn] [-l username] [-t timeout] host [command]
DESCRIPTION
The rsh utility executes command on host.
The rsh utility copies its standard input to the remote command, the standard output of the remote command to its standard output, and the
standard error of the remote command to its standard error. Interrupt, quit and terminate signals are propagated to the remote command; rsh
normally terminates when the remote command does. The options are as follows:
-4 Use IPv4 addresses only.
-6 Use IPv6 addresses only.
-d Turn on socket debugging (using setsockopt(2)) on the TCP sockets used for communication with the remote host.
-l username
Allow the remote username to be specified. By default, the remote username is the same as the local username. Authorization is deter-
mined as in rlogin(1).
-n Redirect input from the special device /dev/null (see the BUGS section of this manual page).
-t timeout
Allow a timeout to be specified (in seconds). If no data is sent or received in this time, rsh will exit.
If no command is specified, you will be logged in on the remote host using rlogin(1).
Shell metacharacters which are not quoted are interpreted on local machine, while quoted metacharacters are interpreted on the remote
machine. For example, the command
rsh otherhost cat remotefile >> localfile
appends the remote file remotefile to the local file localfile, while
rsh otherhost cat remotefile ">>" other_remotefile
appends remotefile to other_remotefile.
FILES
/etc/hosts
/etc/auth.conf
SEE ALSO
rlogin(1), setsockopt(2), rcmd(3), ruserok(3), auth.conf(5), hosts(5), hosts.equiv(5), rlogind(8), rshd(8)
HISTORY
The rsh command appeared in 4.2BSD.
BUGS
If you are using csh(1) and put a rsh in the background without redirecting its input away from the terminal, it will block even if no reads
are posted by the remote command. If no input is desired you should redirect the input of rsh to /dev/null using the -n option.
You cannot run an interactive command (like ee(1) or vi(1)) using rsh; use rlogin(1) instead.
Stop signals stop the local rsh process only; this is arguably wrong, but currently hard to fix for reasons too complicated to explain here.
BSD
October 16, 2002 BSD