rsh(8sec)
Executes a remote command
Synopsis
rsh [-FKdfnx] [-l username] host [command]
Arguments
host
The name of the host on which to execute the remote command.
command
The command to execute remotely. If no command is specified, you will be logged in on the remote host using rlogin(8sec)
Options
-F
Forwards the local credentials to the remote system for use by the specified command and marks the remote credentials as Forwardable, allowing them to be forwarded
from there to another remote system.
-K
Turns off all Kerberos authentication.
-d
Turns on socket debugging (using setsockopt(2)) for the TCP sockets used to communicate with the remote host.
-f
Forwards the local credentials to the remote system for use by the specified command and marks the remote credentials as Non-Forwardable. The credentials cannot be
forwarded from there to another remote system.
-l
Allows the remote username to be specified. By default, the remote username is the same as the local username.
-n
Redirects input from the special device /dev/null. See Bugs for more information.
-x
Turns on DES encryption for all data exchange. DES encryption may introduce a significant delay in response time. This option is subject to export control.
Description
The rsh command executes commands on the remote host. To accomplish this, the rsh command copies its standard input to the remote command, the standard output of the remote command to its standard output, and the standard error of the remote command to its standard error. Interrupt, quit, and terminate signals are propagated to the remote command. The rsh command normally terminates when the remote command does.
The rsh command first attempts to use Kerberos V5 protocol to authenticate to a remote host. If the authentication is successful, user authorization is performed as described in Kerberos Authorization below. If the remote host does not support Kerberos, the command uses the standard Berkeley rhosts authorization mechanism.
Shell metacharacters that are enclosed in quotation marks are interpreted on the remote machine. Shell metacharacters that are not enclosed in quotation marks are interpreted on the local machine.
For example, the following command appends the remote file remotefile to the local file localfile:
rsh otherhost cat remotefile >> localfile
The following command appends the remote file remotefile to the remote file other_remotefile.
rsh otherhost cat remotefile >> other_remotefile
Kerberos Authorization
In order for Kerberos V5 authorization to succeed, the remote account must exist in the remote systems password file. If the local principal is using the -l option to log into a remote account with a name that differs from the principals local account name, either one of the following conditions must be true:
· A .k5login file containing the local principals name, in the form principal@realm, must exist in the remote accounts home directory. The remote account name must be the owner of the .k5login file and the only name granted write permission. In other words, the files permissions must be -rw---r -
· A Kerberos V5 authorization name database file must exist on the remote system. This file must contain the name of the local principal and map the principal to an account on the remote system.
If -l option is not being used, that is, the local principal is logging into a remote account (in the same realm) with the same name as the principals local name, neither of the above conditions are required to be met.
If Kerberos authentication fails, a warning message is printed, and the standard Berkeley rlogin is used.
Bugs
If you are using csh(1) and put a rsh(8sec) in the background without redirecting its input away from the terminal, it will block even if no reads are posted by the remote command. For no input, redirect the input of rsh to /dev/null using the -n option.
You cannot run an interactive command (like rogue(6) or vi(1)) with rsh. Instead, use rlogin(8sec).
Stop signals stop the local rsh process only.
Diagnostics
rlogin: reason
An error occured in executing rlogin. (The rlogin command is executed when the user does not specify any commands to be executed.)
This error is followed by the reason the execution failed.
shell/tcp: unknown service
cant get entry for entry_name/tcp service
The shell service specification is not present in the /etc/services file.
cant establish stderr
The remsh command cannot establish secondary socket connection for stderr.
system call: reason
An error occured in executing system call. The reason for the failure is appended to this error.
unknown user id
Check with the system administrator to see if your entry in the password file has been deleted by mistake.
rcmd: connect: hostname: Connection refused
One cause for display of this generic error message could be the absence of an entry for hostname in
/etc/inetd.conf on the remote system. This entry may have been removed or commented out to prevent non-secure access.
kcmd to host hostname failed - error message
An error occurred during Kerberos authentication. The Kerberos-specific error message is displayed.
warning, using standard rsh: error message
Kerberos authentication failed and the host is retrying using the standard Berkeley rhosts authorization mechanism.
Related Information
Commands:
Files: .k5login, /etc/hosts