The following section describes how to enable remote shell.
Veritas recommends configuring a secure shell environment for Veritas InfoScale product installations.
See Manually configuring passwordless ssh.
See the operating system documentation for more information on configuring remote shell.
To enable rsh for rhel6/sles
- To ensure that the rsh and rsh-server RPMs are installed, type the following command:
# rpm -qa | grep -i rsh
If it is not already in the file, type the following command to append the line "rsh" to the /etc/securetty file:
# echo "rsh" >> /etc/securetty
- Modify the line disable = no in the /etc/xinetd.d/rsh file.
- In the /etc/pam.d/rsh file, change the "auth" type from "required" to "sufficient":
- Add the "promiscuous" flag into /etc/pam.d/rsh and /etc/pam.d/rlogin after item "pam_rhosts_auth.so".
- To enable the rsh server, type the following command:
# chkconfig rsh on
- Modify the .rhosts file. Each line of the .rhosts file contains a fully qualified domain name or IP address for each remote system. This file also contains the name of a user having access to the local system. For example, if the root user must remotely access sys1 from sys2, add an entry for sys2.companyname.com to the .rhosts file on sys1 by typing the following command:
# echo "sys2.companyname.com" >> $HOME/.rhosts
- Install the Veritas InfoScale product.
To disable rsh for rhel6/sles
- Remove the "rsh" entry in the /etc/securetty file.
- Disable the rsh server by typing the following command:
# chkconfig rsh off
- After you complete an installation procedure, delete the .rhosts file from each user's $HOME directory to ensure security:
# rm -f $HOME/.rhosts