 | Level: Introductory Harish Chauhan (hchauhan@in.ibm.com), Linux Architect, IBM
20 Sep 2006 Find out how to configure remote shell (rsh) on IBM System p™ and System x™ computers so that the UNIX® server can access a remote server without a password.
Note: This article is strictly for beginning UNIX® users and administrators. More experienced UNIX users will likely already know several ways of accomplishing this task.
Introduction: Executing a remote command on multiple computers
When you hear someone discussing a shell, do you know what it means? Basically on any UNIX machine, you open a terminal session where you type your commands to perform an activity, such as useradd username, passwd password, system-config-printers, and so on. This shell is local to your machine, so whatever command you execute performs activity on your local machine.
However, what if you want to execute a command on a set of machines, such as setting the date on all the machines on the network. One way is to log in individually to each machine and execute the date command. A better way would be to set it automatically, where you log in to a server and have that server using rsh set the date on the rest of the machines serially. To set the date remotely, you need tools like Secure Shell (SSH) and remote shell (rsh) installed on your machines. Usually, when you try to access the remote machines, you will be prompted for a password to make sure that you are an authorized user. However, you can configure SSH and rsh in your environment to bypass password verification. In this article, you will concentrate on how to configure rsh in your environment. In Part 1, SSH was discussed.
Hardware, software, and setup
Use the following hardware and software to perform the tasks described in this article:
- IBM System p™ and System x™ servers, such as System p520 and System x345
- Red Hat Enterprise Linux® Version 4.0 Update 3 (RHEL Version 4.0 Update 3)
Figure 1. Setup diagram
Now follow these steps:
- Install RHEL Version 4.0 Update 3 on all your machines in the environment, such as
node1.my.com, node2.my.com, and node3.my.com, as shown in Figure 1. (Note: Code listings mentioned here appear after all the instructions in the list.) I used Base RHEL4 for this testing.
- Make sure
rsh-server-0.17-25.1 is installed on all your machines, as shown in Listing 1.
- If you already have
rsh-server-0.17-25.1 installed, you will find rsh, rlogin, and rexec files in the /etc/xinetd.d/ folder on your machines, as shown in Listing 2. (Note: The rsh, rlogin, and rexec services are disabled by default).
- In case you don't have
rsh-server-0.17-25.1 installed, install it using RHEL4 CDs using the command, as shown in Listing 3. You can also use the #system-config-packages command to install the rsh-server rpm.
Listing 1. rsh RPM
#rpm -qa|grep rsh-server
rsh-server-0.17-25.1
|
Listing 2. rsh,rlogin, and rexec services
/etc/xinetd.d
-rw-r--r-- 1 root root 361 Nov 23 2004 rexec
-rw-r--r-- 1 root root 378 Nov 23 2004 rlogin
-rw-r--r-- 1 root root 431 Nov 23 2004 rsh
#cat /etc/xinetd.d/rsh
service shell
{
socket_type = stream
wait = no
user = root
log_on_success += USERID
log_on_failure += USERID
server = /usr/sbin/in.rshd
disable = yes
}
#cat /etc/xinetd.d/rogin
service login
{
socket_type = stream
wait = no
user = root
log_on_success += USERID
log_on_failure += USERID
server = /usr/sbin/in.rlogind
disable = yes
}
#cat /etc/xinetd.d/rexec
service exec
{
socket_type = stream
wait = no
user = root
log_on_success += USERID
log_on_failure += USERID
server = /usr/sbin/in.rexecd
disable = yes
}
|
Listing 3. Install rsh
#rpm -ivh rsh-server-0.17-25.1.i386.rpm
|
Configuring for root and standard users
You have the following two types of configurations to consider:
-
Root user
- Standard user, in this case,
myuser
Let's first consider configuring rsh for the root user. To configure the root user, follow these steps:
- Log in as
root
- Enable the
rsh, rlogin, and rexec services on all the machines, as shown in Listing 4. (Note: Code listings mentioned here appear after all the instructions in the list.) You can use #system-config-services or #ntsysv to enable the services. If you are an expert, you can manually make the changes in the required files.
- Create a file
/root/.rhosts on all the machines, as shown in Listing 5. Include all the machine names in this file where you want to execute a command without being prompted for a password.
- Append
rsh and rlogin entries in the /etc/securetty file, as shown in Listing 6.
- After making the above changes, restart the
xinetd service on all the machines, as shown in Listing 7.
- Test your environment by executing the
#rsh node3 date command. Doing so should let you see the date output from node3.my.com, as shown in Listing 8. In case you want to log in to node3, then execute #rsh node3, as shown in Listing 9.
Listing 4. rsh, rlogin, and rexec services
#cat /etc/xinetd.d/rsh
service shell
{
socket_type = stream
wait = no
user = root
log_on_success += USERID
log_on_failure += USERID
server = /usr/sbin/in.rshd
disable = no
}
#cat /etc/xinetd.d/rogin
service login
{
socket_type = stream
wait = no
user = root
log_on_success += USERID
log_on_failure += USERID
server = /usr/sbin/in.rlogind
disable = no
}
#cat /etc/xinetd.d/rexec
service exec
{
socket_type = stream
wait = no
user = root
log_on_success += USERID
log_on_failure += USERID
server = /usr/sbin/in.rexecd
disable = no
}
|
Listing 5. /root/.rhosts file
#cat /root/.rhosts
node1.my.com
node2.my.com
node3.my.com
|
\
Listing 6. /etc/securetty file
#cat /etc/securetty
rlogin
rsh
console
vc/1
vc/2
..
..
|
Listing 7. Start and restart xinetd service
#service xinetd stop/start OR #service xinetd restart
|
Listing 8. Run date command on node3 from node1
node1.my.com>#rsh node3 date
Mon Aug 28 17:44:48 IST 2006
|
Listing 9. Log in to node3 without being prompted for a password
Next, configure rsh for any standard user, in this case, myuser. To do this, let's make the assumption that the username, myuser, exists on all the nodes. You want to test the situation where myuser is able to execute the command on a remote machine without being prompted for a password.
- Log in as
root.
- Enable the
rsh, rlogin, and rexec services on all the machines, as shown in Listing 4.
- Create a file
/etc/hosts.equiv, as shown in Listing 10.
- Next restart the
xinetd service, as shown in Listing 7.
- Log in as
myuser, as shown in Listing 11.
- Test your environment by executing the
$rsh node3 date command. Doing so should return the date output from node3.my.com, as shown in Listing 12.
Listing 10. /etc/hosts.equiv file
#cat /etc/hosts.equiv
node1.my.com myuser
node2.my.com myuser
node3.my.com myuser
|
Listing 11. Log in as myuser
node1>#su - myuser
node1>$
|
Listing 12. Execute date command on node3 as user myuser
node1>$rsh node3 date
Mon Aug 28 17:49:28 IST 2006
|
Conclusion: Using rsh to save time
In this article, you learned how to configure rsh in your environment so that you can perform activities more easily and quickly. This not only saves time, but it also gives you flexibility to perform activities one at a time without being prompted for a password on a large number of machines. Part 1 discussed how to configure SSH, another way of executing sequential commands across your cluster environment without being prompted for a password.
Resources Learn
Get products and technologies
-
IBM trial software: Build your next development project with software for download directly from developerWorks.
Discuss
About the author | 
| | Harish has been with IBM since 1998 and has 14 years of experience. During his last eight years with IBM, he has spent five years at the India Research Lab and one year at the IBM T.J.Watson Research Center. Harish has been leading the Linux Center of Competency in Bangalore, India for the past two years. You can contact him at hchauhan@in.ibm.com. |
Rate this page
| |
