Commands Reference, Volume 4
rshd Daemon
Purpose
Provides the server function for remote command execution.
Syntax
Note: The rshd daemon is usually started by the inetd daemon. It can also be controlled from the command line, using SRC commands.
/usr/sbin/rshd [ -c ] [ -s ]
Description
The /usr/sbin/rshd daemon is the server for the rcp and rsh commands. The rshd daemon provides remote execution of shell commands. These commands are based on requests from privileged sockets on trusted hosts. The shell commands must have user authentication. The rshd daemon listens at the socket defined in the /etc/services file.
Changes to the rshd daemon can be made using the System Management Interface Tool (SMIT) or System Resource Controller (SRC), by editing the /etc/inetd.conf or /etc/services file. Entering rshd at the command line is not recommended. The rshd daemon is started by default when it is uncommented in the /etc/inetd.conf file.
The inetd daemon gets its information from the /etc/inetd.conf file and the /etc/services file.
After changing the /etc/inetd.conf or /etc/services file, run the refresh -s inetd or kill -1 InetdPID command to inform the inetd daemon of the changes to its configuration file.
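A check for the configuration described above, as an added example that is not part of the AIX documentation: it scans inetd.conf text for lines that launch /usr/sbin/rshd and reports whether each one is commented out and whether the -c or -s flag is passed. The function names and the sample file contents are constructed for illustration, and the field order assumed is the usual inetd.conf layout (service, socket type, protocol, wait, user, server path, arguments).

```python
RSHD_PATH = "/usr/sbin/rshd"  # server path from the Syntax section


def rshd_entries(inetd_conf_text):
    """Return one record per inetd.conf line whose server program is rshd."""
    found = []
    for lineno, raw in enumerate(inetd_conf_text.splitlines(), 1):
        stripped = raw.strip()
        enabled = not stripped.startswith("#")  # a leading '#' disables the line
        fields = stripped.lstrip("#").split()
        # Assumed layout: service, socket, protocol, wait, user, path, argv...
        if len(fields) < 7 or fields[5] != RSHD_PATH:
            continue
        args = fields[7:]  # fields[6] is argv[0], normally "rshd"
        found.append({
            "line": lineno,
            "service": fields[0],
            "enabled": enabled,
            "no_reverse_lookup": "-c" in args,  # -c flag from this page
            "socket_debug": "-s" in args,       # -s flag from this page
        })
    return found


def rshd_is_enabled(inetd_conf_text):
    """True if at least one uncommented line starts rshd."""
    return any(entry["enabled"] for entry in rshd_entries(inetd_conf_text))


# Constructed sample, not taken from a real system.
SAMPLE_INETD_CONF = "\n".join([
    "## service  socket  protocol  wait/  user  server  server program",
    "ftp     stream  tcp6    nowait  root    /usr/sbin/ftpd    ftpd",
    "#shell  stream  tcp6    nowait  root    /usr/sbin/rshd    rshd",
    "shell   stream  tcp6    nowait  root    /usr/sbin/rshd    rshd -c",
])

if __name__ == "__main__":
    for entry in rshd_entries(SAMPLE_INETD_CONF):
        print(entry)
    print("rshd enabled:", rshd_is_enabled(SAMPLE_INETD_CONF))
```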
Service Request Protocol
When the rshd daemon receives
a service request, it initiates the following protocol:
- The rshd daemon checks the source port number for the request. If the port number is not in the range 0 through 1023, the rshd daemon terminates the connection.
- The rshd daemon reads characters from the socket up to a null byte. The string read is interpreted as an ASCII number (base 10). If this number is nonzero, the rshd daemon interprets it as the port number of a secondary stream to be used as standard error. A second connection is created to the specified port on the client host. The source port on the local host is also in the range 0 through 1023.
- The rshd daemon uses the source address of the initial connection request to determine the name of the client host. If the name cannot be determined, the rshd daemon uses the dotted decimal representation of the client host's address.
- The rshd daemon retrieves the following information from the initial socket:
  - A null-terminated string of at most 16 bytes interpreted as the user name of the user on the client host.
  - A null-terminated string of at most 16 bytes interpreted as the user name to be used on the local server host.
  - Another null-terminated string interpreted as a command line to be passed to a shell on the local server host.
- The rshd daemon attempts to validate the user using the following steps:
  - The rshd daemon looks up the local user name in the /etc/passwd and /etc/security/passwd files and checks to see if the password, and therefore the user, has expired. It also verifies that the encrypted password string is valid and tries to switch to the home directory (using the chdir subroutine). If either the lookup or the directory change fails, the rshd daemon terminates the connection.
  - If the local user ID is a nonzero value, the rshd daemon searches the /etc/hosts.equiv file to see if the name of the client workstation is listed. If the client workstation is listed as an equivalent host, the rshd daemon validates the user.
  - If the $HOME/.rhosts file exists, the rshd daemon tries to authenticate the user by checking the .rhosts file.
  - If either the $HOME/.rhosts authentication fails or the client host is not an equivalent host, the rshd daemon terminates the connection.
- After rshd validates the user, the rshd daemon returns a null byte on the initial connection and passes the command line to the user's local login shell. The shell then inherits the network connections established by the rshd daemon.
The rshd daemon should be controlled using the System Management Interface Tool (SMIT) or by changing the /etc/inetd.conf file. Typing rshd at the command line is not recommended.
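The request format described in the list above, as an added example that is not IBM's rshd code: a Python decoder that applies the source-port check, reads the standard-error port, and enforces the 16-byte limit on both user names before extracting the command line. The function names, the sample bytes, and the reading of the 16-byte limit as including the terminating null are assumptions.

```python
MAX_USER = 16  # per-name limit from the text; assumed to include the null


class RshRequestError(ValueError):
    """The request breaks one of the rules rshd enforces."""


def _field(buf, pos, limit=None):
    """Return (bytes, next_pos) for the null-terminated field at pos."""
    end = buf.find(b"\x00", pos)
    if end == -1:
        raise RshRequestError("field is not null-terminated")
    if limit is not None and end - pos + 1 > limit:
        raise RshRequestError(f"field longer than {limit} bytes")
    return buf[pos:end], end + 1


def parse_rsh_request(source_port, data):
    """Decode the first bytes a client sends on the initial connection."""
    if not 0 <= source_port <= 1023:
        raise RshRequestError("source port is not privileged (0-1023)")
    raw_port, pos = _field(data, 0)
    if raw_port and not raw_port.isdigit():
        raise RshRequestError("stderr port is not an ASCII base-10 number")
    stderr_port = int(raw_port.decode("ascii")) if raw_port else 0
    if stderr_port > 65535:
        raise RshRequestError("stderr port is not a valid TCP port")
    client_user, pos = _field(data, pos, MAX_USER)
    server_user, pos = _field(data, pos, MAX_USER)
    command, pos = _field(data, pos)
    return {
        "stderr_port": stderr_port,  # 0 means no secondary stream
        "client_user": client_user.decode("ascii", "replace"),
        "server_user": server_user.decode("ascii", "replace"),
        "command": command.decode("ascii", "replace"),
    }


# Constructed sample: stderr on port 1022, alice on the client asks to run
# "uname -a" as bob on the server.
SAMPLE_REQUEST = b"1022\x00alice\x00bob\x00uname -a\x00"

if __name__ == "__main__":
    print(parse_rsh_request(1023, SAMPLE_REQUEST))
```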
Manipulating the rshd Daemon with the System Resource Controller
The rshd daemon is a subserver of the inetd daemon, which is a subsystem of the System Resource Controller (SRC). The rshd daemon is a member of the tcpip SRC subsystem group. This daemon is enabled by default in the /etc/inetd.conf file and can be manipulated by the following SRC commands:
startsrc | Starts a subsystem, group of subsystems, or a subserver.
stopsrc | Stops a subsystem, group of subsystems, or a subserver.
lssrc | Gets the status of a subsystem, group of subsystems, or a subserver.
Flags
-c | Suppresses the reverse hostname lookup.
-s | Turns on socket-level debugging.
Examples
Note: The arguments for the rshd daemon can be specified by using SMIT or by editing the /etc/inetd.conf file.
- To start the rshd daemon, type the following:
  startsrc -t shell
  This command starts the rshd subserver.
- To stop the rshd daemon, type the following:
  stopsrc -t shell
  This command allows all pending connections to start and existing connections to complete but prevents new connections from starting.
- To force stop the rshd daemon and all rshd connections, type the following:
  stopsrc -f -t shell
  This command terminates all pending connections and existing connections immediately.
- To display a short status report about the rshd daemon, type the following:
  lssrc -t shell
  This command returns the daemon's name, process ID, and state (active or inactive).
Related Information
The kill command, lssrc command, refresh command, rsh command, startsrc command, stopsrc command.
The inetd daemon.
The $HOME/.rhosts file format, /etc/hosts.equiv file format, /etc/inetd.conf file format, /etc/services file format.
The rcmd subroutine.
TCP/IP Daemons in AIX 5L Version 5.2 System Management Concepts: Operating System and Devices.