------------------------------------------------------------------------------- Rsh Problem -- Why NOT to use Rsh problems... + rsh doesn't return the remote command's exit status + doesn't propagate tty modes when appropriate + doesn't propagate your (possibly modified) environment + uses the silliest authentication scheme imaginable ("reserved" ports) + requires logins without a password to execute remote commands + doesn't ask for a password to run a remote command if needed + no password needed check is easilly `spoofed' EG: host/username pairs + data is in the clear when sent over the network + The commands standard error is merged into its stanard output + it runs some random shell (the remote accounts login shell) + rexec passes the password IN ONE PACKET! + rsh on some machines is `restricted shell' NOT `remote shell''!!! Ssh (Secure Shell) replacement fixes all the above except... + doesn't propagate tty modes when appropriate + doesn't propagate your (possibly modified) environment but does handle X windows properly, and can pass enviroment you request! + The commands standard error is merged into its stanard output + it runs some random shell (the remote accounts login shell) and that can be a security benifit too. And many of these have no real alturnatives, or should be changed anyway. Also ssh provides a lot of other features, like full data encryption, proper account indentification, proper host identification checks, X window handling, passwd requests from user if needed, remote command filtering, and probably lots more. ------------------------------------------------------------------------------- What happens when you run a rsh command... Running rsh remote command args Assuming your remote login shell is a csh or tcsh, the command will... * launch a tcsh as you in your home with that command to be executed * tcsh will source .cshrc ONLY without the `prompt' being set * If your .cshrc is set up right (see the ``CSH Startup FAQ'' "../shell/csh.startup.faq"), the script file will see that the prompt is not set so will do a very basic non-interactive initialization of the command PATH, LD_LIBRARY_PATH and other required environment variables. * tcsh will then run that command given locating the command on the PATH set in the .cshrc ANy stdin toi the rsh will be given to standard in of the command and standard output and error changes passed back the same way. Ssh is also the same. -------------------------------------------------------------------------------