rsh



RSH(1)                                                                  RSH(1)




NAME

       rsh - remote shell


SYNOPSIS

       rsh  host [-l username] [-n] [-d] [-k realm] [-f | -F] [-x] [-PN | -PO]
       command


DESCRIPTION

       Rsh connects to the specified host, and executes the specified command.
       Rsh  copies its standard input to the remote command, the standard out-
       put of the remote command to its  standard  output,  and  the  standard
       error of the remote command to its standard error.  This implementation
       of rsh will accept any port for the standard error stream.   Interrupt,
       quit  and  terminate  signals are propagated to the remote command; rsh
       normally terminates when the remote command does.

       Each user may have a private authorization list in a file  .k5login  in
       his  login directory.  Each line in this file should contain a Kerberos
       principal name of the form principal/instance@realm.   If  there  is  a
       ~/.k5login  file,  then access is granted to the account if and only if
       the originater user is authenticated to one of the princiapls named  in
       the  ~/.k5login  file.  Otherwise, the originating user will be granted
       access to the account if and only if the authenticated  principal  name
       of  the user can be mapped to the local account name using the aname ->
       lname mapping rules (see krb5_anadd(8) for more details).


OPTIONS

       -l username
              sets the remote username to  username.   Otherwise,  the  remote
              username will be the same as the local username.

       -x     causes  the  network  session  traffic  to  be  encrypted.  This
              applies only to the input and output streams, and not  the  com-
              mand line.

       -f     cause nonforwardable Kerberos credentials to be forwarded to the
              remote machine for use by the specified command.  They  will  be
              removed  when  command finishes.  This option is mutually exclu-
              sive with the -F option.

       -F     cause forwardable Kerberos credentials to be  forwarded  to  the
              remote  machine  for use by the specified command.  They will be
              removed when command finishes.  This option is  mutually  exclu-
              sive with the -f option.

       -k realm
              causes  rsh  to  obtain  tickets  for  the  remote host in realm
              instead of the remote host’s realm as  determined  by  krb_real-
              mofhost(3).

       -d     turns on socket debugging (via setsockopt(2)) on the TCP sockets
              used for communication with the remote host.

       -n     redirects input from the special device /dev/null (see the  BUGS
              section below).

       -PN

       -PO    Explicitly  request  new or old version of the Kerberos ‘‘rcmd’’
              protocol.  The new protocol avoids many security problems  found
              in  the  old  one,  but is not interoperable with older servers.
              (An "input/output error" and a closed  connection  is  the  most
              likely  result  of  attempting  this  combination.)   If neither
              option is specified, some simple heuristics are  used  to  guess
              which to try.

       If  you  omit  command, then instead of executing a single command, you
       will be logged in on the remote host using rlogin(1).

       Shell metacharacters which are not quoted are interpreted on the  local
       machine,  while  quoted  metacharacters  are  interpreted on the remote
       machine.  Thus the command

          rsh otherhost cat remotefile >> localfile

       appends the remote file remotefile to the local file localfile, while

          rsh otherhost cat remotefile ">>" otherremotefile

       appends remotefile to otherremotefile.


FILES

       /etc/hosts
       ~/.k5login  (on remote host) - file containing Kerberos principals that
                   are allowed access.


SEE ALSO

       rlogin(1), kerberos(3), krb_sendauth(3), krb_realmofhost(3), kshd(8)


BUGS

       If  you  are  using  csh(1)  and put a rsh(1) in the background without
       redirecting its input away from the terminal, it will block even if  no
       reads  are  posted  by  the remote command.  If no input is desired you
       should redirect the input of rsh to /dev/null using the -n option.

       You cannot run an interactive command (like  rogue(6)  or  vi(1));  use
       rlogin(1).

       Stop  signals  stop the local rsh process only; this is arguably wrong,
       but currently hard to fix for reasons too complicated to explain  here.



                                                                        RSH(1)

Man(1) output converted with man2html