Filter
Top Products
Configuring Additional File Transfer Functions
Configuring a Router to Use rsh and rcp
FC-249
Cisco IOS Configuration Fundamentals Configuration Guide, Release 12.1
This feature is enabled by default. You can disable the DNS check for RCMD (rsh and rcp) access using
the the following command in global configuration mode:
Configuring a Router to Use rsh
You can use rsh to execute commands on remote systems to which you have access. When you issue the
rsh command, a shell is started on the remote system. The shell allows you to execute commands on the
remote system without having to log in to the target host.
You do not need to connect to the system, router, or access server and then disconnect after you execute
a command if you use rsh. For example, you can use rsh to remotely look at the status of other devices
without connecting to the target device, executing the command, and then disconnecting. This capability
is useful for looking at statistics on many different routers.
Maintaining rsh Security
To gain access to a remote system running rsh, such as a UNIX host, an entry must exist in the
system’s .rhosts file or its equivalent identifying you as a user who is authorized to execute commands
remotely on the system. On UNIX systems, the .rhosts file identifies users who can remotely execute
commands on the system.
You can enable rsh support on a router to allow users on remote systems to execute commands. However,
our implementation of rsh does not support an .rhosts file. Instead, you must configure a local
authentication database to control access to the router by users attempting to execute commands
remotely using rsh. A local authentication database is similar to a UNIX .rhosts file. Each entry that you
configure in the authentication database identifies the local user, the remote host, and the remote user.
Configuring the Router to Allow Remote Users to Execute Commands Using rsh
To configure the router as an rsh server, use the following commands in global configuration mode:
To disable the software from supporting incoming rsh commands, use the no ip rcmd rsh-enable
command.
Command Purpose
no ip rcmd domain-lookup
Disables Domain Name Service (DNS) lookup for rsh and rcp
communications.
Command Purpose
Step 1
ip rcmd remote-host local-username {ip-address |
host} remote-username
[enable [level]]
Creates an entry in the local authentication database
for each remote user who is allowed to execute rsh
commands.
Step 2
ip rcmd rsh-enable
Enables the software to support incoming rsh
commands.