RSH(1) UNIX System V RSH(1)
NAME
rsh - remote shell
SYNOPSIS
rsh host [-l username] [-n] [-d] [-k realm] [-f | -F] [-x]
[-PN | -PO] command
DESCRIPTION
Rsh connects to the specified host, and executes the
specified command. Rsh copies its standard input to the
remote command, the standard output of the remote command to
its standard output, and the standard error of the remote
command to its standard error. This implementation of rsh
will accept any port for the standard error stream.
Interrupt, quit and terminate signals are propagated to the
remote command; rsh normally terminates when the remote
command does.
Each user may have a private authorization list in a file
.k5login in his login directory. Each line in this file
should contain a Kerberos principal name of the form
principal/instance@realm. If there is a ~/.k5login file,
then access is granted to the account if and only if the
originater user is authenticated to one of the princiapls
named in the ~/.k5login file. Otherwise, the originating
user will be granted access to the account if and only if
the authenticated principal name of the user can be mapped
to the local account name using the aname -> lname mapping
rules (see krb5_anadd(8) for more details).
OPTIONS
-l username
sets the remote username to username. Otherwise, the
remote username will be the same as the local username.
-x causes the network session traffic to be encrypted.
This applies only to the input and output streams, and
not the command line.
-f cause nonforwardable Kerberos credentials to be
forwarded to the remote machine for use by the
specified command. They will be removed when command
finishes. This option is mutually exclusive with the
-F option.
-F cause forwardable Kerberos credentials to be forwarded
to the remote machine for use by the specified command.
They will be removed when command finishes. This
option is mutually exclusive with the -f option.
-k realm
causes rsh to obtain tickets for the remote host in
Page 1 (printed 4/3/05)
RSH(1) UNIX System V RSH(1)
realm instead of the remote host's realm as determined
by krb_realmofhost(3).
-d turns on socket debugging (via setsockopt(2)) on the
TCP sockets used for communication with the remote
host.
-n redirects input from the special device /dev/null (see
the BUGS section below).
-PN
-PO Explicitly request new or old version of the Kerberos
``rcmd'' protocol. The new protocol avoids many
security problems found in the old one, but is not
interoperable with older servers. (An "input/output
error" and a closed connection is the most likely
result of attempting this combination.) If neither
option is specified, some simple heuristics are used to
guess which to try.
If you omit command, then instead of executing a single
command, you will be logged in on the remote host using
rlogin(1).
Shell metacharacters which are not quoted are interpreted on
the local machine, while quoted metacharacters are
interpreted on the remote machine. Thus the command
rsh otherhost cat remotefile >> localfile
appends the remote file remotefile to the local file
localfile, while
rsh otherhost cat remotefile ">>" otherremotefile
appends remotefile to otherremotefile.
FILES
/etc/hosts
~/.k5login (on remote host) - file containing Kerberos
principals that are allowed access.
SEE ALSO
rlogin(1), kerberos(3), krb_sendauth(3), krb_realmofhost(3),
kshd(8)
BUGS
If you are using csh(1) and put a rsh(1) in the background
without redirecting its input away from the terminal, it
will block even if no reads are posted by the remote
command. If no input is desired you should redirect the
Page 2 (printed 4/3/05)
RSH(1) UNIX System V RSH(1)
input of rsh to /dev/null using the -n option.
You cannot run an interactive command (like rogue(6) or
vi(1)); use rlogin(1).
Stop signals stop the local rsh process only; this is
arguably wrong, but currently hard to fix for reasons too
complicated to explain here.
Page 3 (printed 4/3/05)