Learn the UNIX/Linux command line
Home Man Pages
RSH(1) RSH(1)
NAME
rsh - remote shell
SYNOPSIS
rsh host [-l username] [-n] [-d] [-k realm] [-f | -F] [-x] [-PN | -PO]
command
DESCRIPTION
Rsh connects to the specified host, and executes the specified com-
mand. Rsh copies its standard input to the remote command, the stan-
dard output of the remote command to its standard output, and the
standard error of the remote command to its standard error. This
implementation of rsh will accept any port for the standard error
stream. Interrupt, quit and terminate signals are propagated to the
remote command; rsh normally terminates when the remote command does.
Each user may have a private authorization list in a file .k5login in
his login directory. Each line in this file should contain a Kerberos
principal name of the form principal/instance@realm. If there is a
~/.k5login file, then access is granted to the account if and only if
the originater user is authenticated to one of the princiapls named in
the ~/.k5login file. Otherwise, the originating user will be granted
access to the account if and only if the authenticated principal name
of the user can be mapped to the local account name using the aname ->
lname mapping rules (see krb5_anadd(8) for more details).
OPTIONS
-l username
sets the remote username to username. Otherwise, the remote
username will be the same as the local username.
-x causes the network session traffic to be encrypted. This
applies only to the input and output streams, and not the com-
mand line.
-f cause nonforwardable Kerberos credentials to be forwarded to
the remote machine for use by the specified command. They will
be removed when command finishes. This option is mutually
exclusive with the -F option.
-F cause forwardable Kerberos credentials to be forwarded to the
remote machine for use by the specified command. They will be
removed when command finishes. This option is mutually exclu-
sive with the -f option.
-k realm
causes rsh to obtain tickets for the remote host in realm
instead of the remote host's realm as determined by krb_real-
mofhost(3).
-d turns on socket debugging (via setsockopt(2)) on the TCP sock-
ets used for communication with the remote host.
-n redirects input from the special device /dev/null (see the BUGS
section below).
-PN
-PO Explicitly request new or old version of the Kerberos ''rcmd''
protocol. The new protocol avoids many security problems found
in the old one, but is not interoperable with older servers.
(An "input/output error" and a closed connection is the most
likely result of attempting this combination.) If neither
option is specified, some simple heuristics are used to guess
which to try.
If you omit command, then instead of executing a single command, you
will be logged in on the remote host using rlogin(1).
Shell metacharacters which are not quoted are interpreted on the local
machine, while quoted metacharacters are interpreted on the remote
machine. Thus the command
rsh otherhost cat remotefile >> localfile
appends the remote file remotefile to the local file localfile, while
rsh otherhost cat remotefile ">>" otherremotefile
appends remotefile to otherremotefile.
FILES
/etc/hosts
~/.k5login (on remote host) - file containing Kerberos principals
that are allowed access.
SEE ALSO
rlogin(1), kerberos(3), krb_sendauth(3), krb_realmofhost(3), kshd(8)
BUGS
If you are using csh(1) and put a rsh(1) in the background without
redirecting its input away from the terminal, it will block even if no
reads are posted by the remote command. If no input is desired you
should redirect the input of rsh to /dev/null using the -n option.
You cannot run an interactive command (like rogue(6) or vi(1)); use
rlogin(1).
Stop signals stop the local rsh process only; this is arguably wrong,
but currently hard to fix for reasons too complicated to explain here.
RSH(1)
UNIX/Linux commands referenced on this page: