heimdal-rshd (8) - Linux Manuals
heimdal-rshd: remote shell server
NAME
rshd - remote shell server
SYNOPSIS
[-aiklnvxPL ] [-p port ]DESCRIPTION
is the server for the rsh(1) program. It provides an authenticated remote command execution service. Supported options are:- -n --no-keepalive
-
- Disables keep-alive messages. Keep-alives are packets sent at certain intervals to make sure that the client is still there, even when it doesn't send any data.
- -k --kerberos
-
- Assume that clients connecting to this server will use some form of Kerberos authentication. See the Sx EXAMPLES section for a sample inetd.conf5 configuration.
- -x --encrypt
-
- For Kerberos 4 this means that the connections are encrypted. Kerberos 5 can negotiate encryption even without this option, but if it's present will deny unencrypted connections. This option implies -k
- -v --vacuous
-
- If the connecting client does not use any Kerberised authentication, print a message that complains about this fact, and exit. This is helpful if you want to move away from old port-based authentication.
- -P
-
- When using the AFS filesystem, users' authentication tokens are put in something called a PAG (Process Authentication Group). Multiple processes can share a PAG, but normally each login session has its own PAG. This option disables the Fn setpag call, so all tokens will be put in the default (uid-based) PAG, making it possible to share tokens between sessions. This is only useful in peculiar environments, such as some batch systems.
- -i --no-inetd
-
- The -i option will cause to create a socket, instead of assuming that its stdin came from inetd(8). This is mostly useful for debugging.
- -p port --port= port
-
- Port to use with -i
- -a
-
- This flag is for backwards compatibility only.
- -L
-
- This flag enables logging of connections to syslogd(8). This option is always on in this implementation.
FILES
- /etc/hosts.equiv
- ~/.rhosts
EXAMPLES
The following can be used to enable Kerberised rsh in inetd.cond5, while disabling non-Kerberised connections:shell stream tcp nowait root /usr/libexec/rshd rshd -v kshell stream tcp nowait root /usr/libexec/rshd rshd -k ekshell stream tcp nowait root /usr/libexec/rshd rshd -kx
HISTORY
The command appeared in BSD 4.2AUTHORS
This implementation of was written as part of the Heimdal Kerberos 5 implementation.