The rsh, rlogin, and rexec server should only be run on a system after carefully considering the security implications as this service offers very little security. It is strongly recommended that the OpenSSH package and SSH server (sshd) be used for better security.
In order to run an rsh, rlogin, and rexec server, the rsh-server package is required. It may be installed from your installation CDs using the rpm command:
# rpm -ivh rsh-server-*.rpm
Alternatively, if you have your system registered with Red Hat Network (RHN), you may install it using up2date or yum if you have the 5 or later version of Red Hat Enterprise Linux:
# up2date -i rsh-server
# yum install rsh-server
Follow the steps below:
1. Add hostname/username which should be accept to connect to the server into either of .rhosts or /etc/hosts.equiv file. ~/.rhosts is used for each users which should be accepted to access to the server as its user.
The following example that ‘testuser’ from ‘example.com’ is accepted to access to ‘geek’ user on rsh server.
# cat /home/geek/.rhosts example.com testuser ### Accessing from testuser of example.com is accepted
Modify the permission of ‘~/.rhosts’ file to ‘600’.
$ chmod 600 ~/.rhosts
/etc/hosts.equiv is a configuration file working for the whole system of rsh server allowed to access.
The following example that ‘testuser’ from ‘example.com’ can access, and all user from 192.168.10.5 also.
# /etc/hosts.equiv example.com testuser ← Accessing from testuser of example.com is accepted 192.168.10.5 ← All from 192.168.10.5 is accepted
2. Change both of rsh and rlogin services to ‘active’ mode with chkconfig command, and then restart ‘xinetd’ service.
# chkconfig rsh on # chkconfig rlogin on # chkconfig rexec on # service xinetd start
3. Ensure TCP Port 513/514 are open on the remote server to accept connections.
4. Accessing to the rsh server by rsh command(login to ‘testuser’ user from client side).
$ /usr/bin/rsh -l testuser 192.168.10.3
In case you would like ‘root’ user on the rsh server allowed to access, adding ‘rsh’ and ‘rlogin’ into /etc/securetty file is necessary. Plus, modifying /root/.rhosts is also needed.