Using the NIM service handler for client communication
NIM makes use of the remote shell server (rshd) when it performs remote execution on clients. The server provides remote execution facilities with authentication based on privileged port numbers from trusted hosts.
AIX® uses NIM Service Handler (NIMSH) to eliminate the need for rsh services during NIM client communication. The NIM client daemon (NIMSH) uses reserved ports 3901 and 3902, and it installs as part of the bos.sysmgt.nim.client fileset.
NIMSH allows you to query network machines by hostname. NIMSH processes query requests and returns NIM client configuration parameters used for defining hosts within a NIM environment. Using NIMSH, you can define NIM clients without knowing any system or network-specific information.
While NIMSH eliminates the need for rsh, it does not provide trusted authentication based on key encryption. To use cryptographic authentication with NIMSH, you can configure OpenSSL in the NIM environment. When you install OpenSSL on a NIM clients, SSL socket connections are established during NIMSH service authentication. Enabling OpenSSL provides SSL key generation and includes all cipher suites supported in SSL version 3.