Provides the server function for remote command execution.
usr/sbin/krshd [ -s ]
Note: The rshd daemon is normally started by the inetd daemon. It can also be controlled from the command line, using SRC commands.
The /usr/sbin/krshd daemon is the server for the rcp and rsh commands using Kerberos authentication. The krshd daemon provides remote execution of shell commands. These commands are based on requests from privileged sockets on trusted hosts. The shell commands must have user authentication. The krshd daemon listens at the kshell socket defined in the /etc/services file.
Changes to the krshd daemon can be made using the System Management Interface Tool (SMIT) or System Resource Controller (SRC), by editing the /etc/inetd.conf or /etc/services file. Entering krshd at the command line is not recommended. The krshd daemon is started by default when it is uncommented in the /etc/inetd.conf file.
The inetd daemon gets its information from the /etc/inetd.conf file and the /etc/services file.
After changing the /etc/inetd.conf or /etc/services file, run the refresh -s inetd or kill 1 InetdPID command to inform the inetd daemon of the changes to its configuration file.
When the krshd daemon receives a service request, it initiates the following protocol:
The krshd daemon is controlled by using the System Management Interface Tool (SMIT) or by changing the /etc/inetd.conf file. Entering krshd at the command line is not recommended.
The krshd daemon is a subserver of the inetd daemon, which is a subsystem of the System Resource Controller (SRC). The krshd daemon is a member of the tcpip SRC subsystem group. Using the chauthent command will comment/uncomment the kshell line in the /etc/inetd.conf file and restart the inetd daemon depending on whether Kerberos 5 or Kerberos 4 is configured/unconfigured. This daemon should be manipulated using the chauthent/lsauthent commands. Direct modification of the inetd.conf file's kshell entry in not recommended.
-s | Turns on socket-level debugging. |
Note: The arguments for the krshd daemon can be specified by using SMIT or by editing the /etc/inetd.conf file.
startsrc -t kshelThis command starts the krshd subserver.
stopsrc -t kshelThis command allows all pending connections to start and existing connections to complete but prevents new connections from starting.
stopsrc -t -f kshellThis command terminates all pending connections and existing connections immediately.
lssrc -t kshellThis command returns the daemon's name, process ID, and state (active or inactive).
Note: using the chauthent command will comment/uncomment the kshell line in the /etc/inetd.conf file and restart the inetd daemon depending on whether Kerberos 5 or Kerberos 4 is configured/unconfigured.
The rsh command.
The inetd daemon.
The kvalid_user function.
The /etc/hosts.equiv file format, /etc/inetd.conf file format, and /etc/services file format.
Network Overview in AIX Version 4.3 System Management Guide: Communications and Networks.
Secure Rcmds in AIX Version 4.3 System User's Guide: Communications and Networks.