Run commands sequentially across a cluster from a UNIX server, Part 2: Remote shell (rsh)

Installing and configuring rsh

Harish Chauhan (hchauhan@in.ibm.com), Linux Architect, IBM, Software Group

Harish has been with IBM since 1998 and has 14 years of experience. During his last eight years with IBM, he has spent five years at the India Research Lab and one year at the IBM T.J.Watson Research Center. Harish has been leading the Linux Center of Competency in Bangalore, India for the past two years. You can contact him at hchauhan@in.ibm.com.

Summary: Find out how to configure remote shell (rsh) on IBM System p™ and System x™ computers so that the UNIX® server can access a remote server without a password.

Tag this!

Date: 20 Sep 2006
Level: Introductory
Also available in: Korean

Activity: 1688 views
Comments:

Note: This article is strictly for beginning UNIX® users and administrators. More experienced UNIX users will likely already know several ways of accomplishing this task.

Introduction: Executing a remote command on multiple computers

When you hear someone discussing a shell, do you know what it means? Basically on any UNIX machine, you open a terminal session where you type your commands to perform an activity, such as useradd username, passwd password, system-config-printers, and so on. This shell is local to your machine, so whatever command you execute performs activity on your local machine.

However, what if you want to execute a command on a set of machines, such as setting the date on all the machines on the network. One way is to log in individually to each machine and execute the date command. A better way would be to set it automatically, where you log in to a server and have that server using rsh set the date on the rest of the machines serially. To set the date remotely, you need tools like Secure Shell (SSH) and remote shell (rsh) installed on your machines. Usually, when you try to access the remote machines, you will be prompted for a password to make sure that you are an authorized user. However, you can configure SSH and rsh in your environment to bypass password verification. In this article, you will concentrate on how to configure rsh in your environment. In Part 1, SSH was discussed.

Hardware, software, and setup

Use the following hardware and software to perform the tasks described in this article:

IBM System p™ and System x™ servers, such as System p520 and System x345
Red Hat Enterprise Linux® Version 4.0 Update 3 (RHEL Version 4.0 Update 3)

Figure 1. Setup diagram

Now follow these steps:

Install RHEL Version 4.0 Update 3 on all your machines in the environment, such as node1.my.com, node2.my.com, and node3.my.com, as shown in Figure 1. (Note: Code listings mentioned here appear after all the instructions in the list.) I used Base RHEL4 for this testing.
Make sure rsh-server-0.17-25.1 is installed on all your machines, as shown in Listing 1.
If you already have rsh-server-0.17-25.1 installed, you will find rsh, rlogin, and rexec files in the /etc/xinetd.d/ folder on your machines, as shown in Listing 2. (Note: The rsh, rlogin, and rexec services are disabled by default).
In case you don't have rsh-server-0.17-25.1 installed, install it using RHEL4 CDs using the command, as shown in Listing 3. You can also use the #system-config-packages command to install the rsh-server rpm.

Listing 1. rsh RPM

     #rpm -qa|grep rsh-server
				rsh-server-0.17-25.1

Listing 2. rsh,rlogin, and rexec services


     /etc/xinetd.d

     -rw-r--r--  1 root root 361 Nov 23  2004 rexec
     -rw-r--r--  1 root root 378 Nov 23  2004 rlogin
     -rw-r--r--  1 root root 431 Nov 23  2004 rsh


     #cat /etc/xinetd.d/rsh 
			
     service shell
     {
     socket_type	= stream
     wait		= no
     user		= root
     log_on_success	+= USERID
     log_on_failure 	+= USERID
     server		= /usr/sbin/in.rshd
     disable		= yes
     }


     #cat /etc/xinetd.d/rogin

     service login
     {
     socket_type	= stream
     wait		= no
     user		= root
     log_on_success	+= USERID
     log_on_failure 	+= USERID
     server		= /usr/sbin/in.rlogind
     disable		= yes
     }

     #cat /etc/xinetd.d/rexec 

     service exec
     {
     socket_type	= stream
     wait		= no
     user		= root
     log_on_success	+= USERID
     log_on_failure 	+= USERID
     server		= /usr/sbin/in.rexecd
     disable 	= yes
     }

Listing 3. Install rsh

     #rpm -ivh rsh-server-0.17-25.1.i386.rpm

Configuring for root and standard users

You have the following two types of configurations to consider:

Root user
Standard user, in this case, myuser

Let's first consider configuring rsh for the root user. To configure the root user, follow these steps:

Log in as root
Enable the rsh, rlogin, and rexec services on all the machines, as shown in Listing 4. (Note: Code listings mentioned here appear after all the instructions in the list.) You can use #system-config-services or #ntsysv to enable the services. If you are an expert, you can manually make the changes in the required files.
Create a file /root/.rhosts on all the machines, as shown in Listing 5. Include all the machine names in this file where you want to execute a command without being prompted for a password.
Append rsh and rlogin entries in the /etc/securetty file, as shown in Listing 6.
After making the above changes, restart the xinetd service on all the machines, as shown in Listing 7.
Test your environment by executing the #rsh node3 date command. Doing so should let you see the date output from node3.my.com, as shown in Listing 8. In case you want to log in to node3, then execute #rsh node3, as shown in Listing 9.

Listing 4. rsh, rlogin, and rexec services

     #cat /etc/xinetd.d/rsh 
			
     service shell
     {
     socket_type	= stream
     wait		= no
     user		= root
     log_on_success	+= USERID
     log_on_failure 	+= USERID
     server		= /usr/sbin/in.rshd
     disable		= no
     }


     #cat /etc/xinetd.d/rogin

     service login
     {
     socket_type	= stream
     wait		= no
     user		= root
     log_on_success	+= USERID
     log_on_failure 	+= USERID
     server		= /usr/sbin/in.rlogind
     disable		= no
     }

     #cat /etc/xinetd.d/rexec 

     service exec
     {
     socket_type	= stream
     wait		= no
     user		= root
     log_on_success	+= USERID
     log_on_failure 	+= USERID
     server		= /usr/sbin/in.rexecd
     disable 	= no
     }

Listing 5. /root/.rhosts file

     #cat /root/.rhosts 
     node1.my.com	
     node2.my.com	
     node3.my.com

Listing 6. /etc/securetty file

     #cat /etc/securetty
     rlogin
     rsh
     console
     vc/1
     vc/2
     ..
     ..

Listing 7. Start and restart xinetd service

     #service xinetd stop/start OR #service xinetd restart

Listing 8. Run date command on node3 from node1

     node1.my.com>#rsh node3 date
     Mon Aug 28 17:44:48 IST 2006

Listing 9. Log in to node3 without being prompted for a password

     node1>#rsh node3
     node3>#

Next, configure rsh for any standard user, in this case, myuser. To do this, let's make the assumption that the username, myuser, exists on all the nodes. You want to test the situation where myuser is able to execute the command on a remote machine without being prompted for a password.

Log in as root.
Enable the rsh, rlogin, and rexec services on all the machines, as shown in Listing 4.
Create a file /etc/hosts.equiv, as shown in Listing 10.
Next restart the xinetd service, as shown in Listing 7.
Log in as myuser, as shown in Listing 11.
Test your environment by executing the $rsh node3 date command. Doing so should return the date output from node3.my.com, as shown in Listing 12.

Listing 10. /etc/hosts.equiv file

     #cat /etc/hosts.equiv
     node1.my.com	myuser
     node2.my.com	myuser
     node3.my.com	myuser

Listing 11. Log in as myuser

     node1>#su - myuser
     node1>$

Listing 12. Execute date command on node3 as user myuser

     node1>$rsh node3 date
     Mon Aug 28 17:49:28 IST 2006

Conclusion: Using rsh to save time

In this article, you learned how to configure rsh in your environment so that you can perform activities more easily and quickly. This not only saves time, but it also gives you flexibility to perform activities one at a time without being prompted for a password on a large number of machines. Part 1 discussed how to configure SSH, another way of executing sequential commands across your cluster environment without being prompted for a password.

Resources

Learn

"Run commands sequentially across a cluster from a UNIX server, Part 1" (developerWorks, August 2006): Learn how to configure Secure Shell (SSH) on IBM System p and System x computers.
About RSH Web site: Visit this site to find out more about rsh.
Remote Shell: All you need to know about remote shell.
HOWTOs on Linux: Visit this site to learn more about Linux, or solve an issue.
IBM Systems: Want more? The developerWorks IBM Systems zone hosts hundreds of informative articles and introductory, intermediate, and advanced tutorials.
developerWorks technical events and webcasts: Stay current with developerWorks technical events and webcasts.

Get products and technologies

IBM trial software: Build your next development project with software for download directly from developerWorks.

Discuss

Participate in the IBM Systems forums, developerWorks blogs, and get involved in the developerWorks community.

About the author

Comments

Trademarks | My developerWorks terms and conditions

Close [x]

Help: Update or add to My dW interests

What's this?

This little timesaver lets you update your My developerWorks profile with just one click! The general subject of this content (AIX and UNIX, Information Management, Lotus, Rational, Tivoli, WebSphere, Java, Linux, Open source, SOA and Web services, Web development, or XML) will be added to the interests section of your profile, if it's not there already. You only need to be logged in to My developerWorks.

And what's the point of adding your interests to your profile? That's how you find other users with the same interests as yours, and see what they're reading and contributing to the community. Your interests also help us recommend relevant developerWorks content to you.

View your My developerWorks profile

Return from help

Close [x]

Help: Remove from My dW interests

What's this?

Removing this interest does not alter your profile, but rather removes this piece of content from a list of all content for which you've indicated interest. In a future enhancement to My developerWorks, you'll be able to see a record of that content.

View your My developerWorks profile

Return from help

static.content.url=http://www.ibm.com/developerworks/js/artrating/

SITE_ID=1

Zone=AIX and UNIX

ArticleID=161297

ArticleTitle=Run commands sequentially across a cluster from a UNIX server, Part 2: Remote shell (rsh)

publish-date=09202006

author1-email=hchauhan@in.ibm.com

author1-email-cc=mmccrary@us.ibm.com