Setup Remote Shell access (RSH) on CentOS 7 / RHEL 7
The Remote Shell is a command line client program that can execute the command as another user, and an another computer over the network. The rsh is a client that connects rshd server daemon, rhsd server daemon runs on tcp port no 514. Rshd does not support encryption so it is very insecure to use on the production environment, because it transfers the password plainly. Now a days rsh replaced by SSH.
Some time you might require to configure for special requirement, you can follow the simple guide to setup.
Install rsh and rshd using yum command, here is the yum configuration guide.
[root@server ~]# yum -y install rsh rsh-server
Restart the server daemons.
[root@server ~]# systemctl restart rsh.socket [root@server ~]# systemctl restart rlogin.socket [root@server ~]# systemctl restart rexec.socket
Auto start at system start-up.
[root@server ~]# systemctl enable rsh.socket [root@server ~]# systemctl enable rlogin.socket [root@server ~]# systemctl enable rexec.socket
Remote execution is controled by two files.
1. /etc/rhosts.equiv (All users except root)
2. $HOME/.rhosts (target server)
.rhosts file will be used only if the /etc/rhosts.equiv lookup is failed, both files contains list of hostname and user name which should be allowed to access.
The first column is the name of remote machines from which logins are allowed.
The second column is the name of the user who will be running rsh. If this is blank the username on the target is used.
Each of the two fields can be set to + to indicate a wildcard.
For example, to allow the user ram on the machine client.itzgeek.com to log in as raj on the target, add the line on target machine.
[raj@server ~]$ vi ~/.rhosts client.itzgeek.com ram
Now run a command from any one of the external machine listed above, for example check uptime status from external machine (client.itzgeek.com). host_name refers to your rshd server.
[ram@client ~]$ rsh -l raj host_name uptime
Disable firewall and SELinux security settings. To enable external root user to execute the command, Edit /etc/securetty file.
[root@server ~]# vi /etc/securetty
Append the following.
rsh rexec rlogin