2 RSHD(8) UNIX System Manager's Manual RSHD(8)
5 r
\brs
\bsh
\bhd
\bd - remote shell server
7 S
\bSY
\bYN
\bNO
\bOP
\bPS
\bSI
\bIS
\bS
8 r
\brs
\bsh
\bhd
\bd [-
\b-a
\bai
\bik
\bkl
\bln
\bnv
\bvx
\bxP
\bPL
\bL] [-
\b-p
\bp _
\bp_
\bo_
\br_
\bt]
10 D
\bDE
\bES
\bSC
\bCR
\bRI
\bIP
\bPT
\bTI
\bIO
\bON
\bN
11 r
\brs
\bsh
\bhd
\bd is the server for the rsh(1) program. It provides an authenticated
12 remote command execution service. Supported options are:
14 -
\b-n
\bn, -
\b--
\b-n
\bno
\bo-
\b-k
\bke
\bee
\bep
\bpa
\bal
\bli
\biv
\bve
\be
15 Disables keep-alive messages. Keep-alives are packets sent at
16 certain intervals to make sure that the client is still there,
17 even when it doesn't send any data.
19 -
\b-k
\bk, -
\b--
\b-k
\bke
\ber
\brb
\bbe
\ber
\bro
\bos
\bs
20 Assume that clients connecting to this server will use some form
21 of Kerberos authentication. See the _
\bE_
\bX_
\bA_
\bM_
\bP_
\bL_
\bE_
\bS section for a sample
22 inetd.conf(5) configuration.
24 -
\b-x
\bx, -
\b--
\b-e
\ben
\bnc
\bcr
\bry
\byp
\bpt
\bt
25 For Kerberos 4 this means that the connections are encrypted.
26 Kerberos 5 can negotiate encryption even without this option, but
27 if it's present r
\brs
\bsh
\bhd
\bd will deny unencrypted connections. This op-
28 tion implies -
\b-k
\bk.
30 -
\b-v
\bv, -
\b--
\b-v
\bva
\bac
\bcu
\buo
\bou
\bus
\bs
31 If the connecting client does not use any Kerberised authentica-
32 tion, print a message that complains about this fact, and exit.
33 This is helpful if you want to move away from old port-based au-
36 -
\b-P
\bP When using the AFS filesystem, users' authentication tokens are
37 put in something called a PAG (Process Authentication Group).
38 Multiple processes can share a PAG, but normally each login ses-
39 sion has its own PAG. This option disables the s
\bse
\bet
\btp
\bpa
\bag
\bg() call, so
40 all tokens will be put in the default (uid-based) PAG, making it
41 possible to share tokens between sessions. This is only useful in
42 peculiar environments, such as some batch systems.
44 -
\b-i
\bi, -
\b--
\b-n
\bno
\bo-
\b-i
\bin
\bne
\bet
\btd
\bd
45 The -
\b-i
\bi option will cause r
\brs
\bsh
\bhd
\bd to create a socket, instead of as-
46 suming that its stdin came from inetd(8). This is mostly useful
49 -
\b-p
\bp _
\bp_
\bo_
\br_
\bt, -
\b--
\b-p
\bpo
\bor
\brt
\bt=
\b=_
\bp_
\bo_
\br_
\bt
50 Port to use with -
\b-i
\bi.
52 -
\b-a
\ba This flag is for backwards compatibility only.
54 -
\b-L
\bL This flag enables logging of connections to syslogd(8). This op-
55 tion is always on in this implementation.
61 E
\bEX
\bXA
\bAM
\bMP
\bPL
\bLE
\bES
\bS
62 The following can be used to enable Kerberised rsh in inetd.cond(5),
63 while disabling non-Kerberised connections:
65 shell stream tcp nowait root /usr/libexec/rshd rshd -v
66 kshell stream tcp nowait root /usr/libexec/rshd rshd -k
67 ekshell stream tcp nowait root /usr/libexec/rshd rshd -kx
69 S
\bSE
\bEE
\bE A
\bAL
\bLS
\bSO
\bO
72 H
\bHI
\bIS
\bST
\bTO
\bOR
\bRY
\bY
73 The r
\brs
\bsh
\bhd
\bd command appeared in 4.2BSD.
75 A
\bAU
\bUT
\bTH
\bHO
\bOR
\bRS
\bS
76 This implementation of r
\brs
\bsh
\bhd
\bd was written as part of the Heimdal Kerberos 5
79 HEIMDAL November 22, 2002 2