< Previous  | TOC | Index | Next  >

Enabling RSH

The following section describes how to enable remote shell. Veritas recommends configuring a secure shell environment for Veritas product installations. See the operating system documentation for more information on configuring remote shell.

1. To ensure that the rsh and rsh-server packages are installed, type the following command:

   # rpm -qa | grep rsh

rsh-server-0.17-25.3

rsh-0.17-25.3

2. If it is not already in the file, type the following command to append the line "rsh" to the /etc/securetty file:

   # echo "rsh" >> /etc/securetty

3. In the /etc/pam.d/rsh file, change the "auth" type from "required" to "sufficient" for "pam_rhosts_auth.so":

   auth sufficient pam_rhosts_auth.so

4. To enable the RSH server, type the following command:

   # chkconfig rsh on

5. Modify the .rhosts file. Each line of the .rhosts file contains a fully qualified domain name or IP address for each remote system, and the name of a user having access to the local system. For example, if the root user must remotely access system1 from system2, add an entry for system2.companyname.com to the .rhosts file on system1 by typing the following command:

   # echo "system2.companyname.com" >> $HOME/.rhosts

6. Install the Veritas product.
7. Remove the "rsh" entry in the /etc/securetty file.
8. Disable the RSH server by typing the following command:

   # chkconfig rsh off

9. After completing an installation procedure, delete the .rhosts file from each user's $HOME directory to ensure security:

   # rm -f $HOME/.rhosts