remote shell server
[ -k ] [ -K ] [ -X ]
rshd is the network server for programs such as
which need to execute a noninteractive shell on remote
machines. rshd is started by the inetd
``super server'', and therefore must
have an entry in the configuration file,
By default rshd enforces an authentication
procedure based on equivalence of user names (see
This procedure assumes all nodes on the network are equally
Authenticated rcp and rcmd using Kerberos
rshd listens for service requests
at the kshell port (544/tcp)
as indicated in the login services specification (see
The kshell port accepts a connection from a remote
authenticated rcmd or rcp client and
establishes authentication with the client.
Authentication takes place between the client program
(rcmd or rcp)
and the host principal where the
rshd service daemon is running
using the network credentials of the user that
invoked the client program.
The principal name for host
The machine name must be fully qualified
(for example, kvetch.your_company.com).
The service key for this host principal is cached in the local
Default Service Key Table (/krb5/v5srvtab),
and must match the service key stored in the Security Registry.
The following authentication options are supported:
Relaxed authentication mode; if authentication cannot be established, a
traditional unauthenticated connection is established.
Strict authentication mode; if authentication cannot be established,
no service is provided.
Refuse service and print the message:
rshd: Authentication is required on host: hostname
To execute commands on behalf of remote clients,
the user invoking the client must have network credentials,
and the user's principal name must appear in the
$HOME/.k5login file on the host
where rshd is running
(this file must be writable
only by the user or by root, and it must be readable
by root on the filesystem where it resides).
Authentication is based on Version 5 of the
Kerberos Network Authentication Service protocol.
Only this version of the protocol is supported.
Data encryption is not supported.
list of equivalent hosts
configuration file for inetd
Internet services list
local default service key table
access control file for the SCO Secure TCP/IP Utilities
Authenticated rshd is not part of any currently supported standard.
It is an extension of AT&T UNIX System V provided by
The Santa Cruz Operation, Inc.
© 2003 Caldera International, Inc. All rights reserved.
SCO OpenServer Release 5.0.7 -- 11 February 2003