Troubleshooting
Problem
How to disable rsh and rlogin on a AIX® system?
Symptom
As part of security health check, one can find vulnerabilities related to rsh and rlogin on their AIX® system:
'rsh' Remote Shell Service Enabled
'rlogin' Remote Login Service Enabled
Cause
rsh and rlogin are both used to log in remotely to a system and are older protocols offering minimal security and are superseded by ssh. So, if ssh is enabled on this system, then rsh and rlogin are still running on the system and are redundant.
Diagnosing The Problem
Check whether the login and shell service is active on your system or not with the commands:
# lssrc -t login
# lssrc -t shell
Resolving The Problem
If they are active, to disable them, make sure the following lines in your /etc/inetd.conf file are commented out:
login stream tcp6 nowait root /usr/sbin/rlogind rlogind
shell stream tcp6 nowait root /usr/sbin/rshd rshd
Refresh inetd for the change to take effect:
# refresh -s inetd
Check the login and shell service again:
# lssrc -t login
# lssrc -t shell
They should be inoperative now.
Related Information
[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SWG10","label":"AIX"},"Component":"","Platform":[{"code":"PF002","label":"AIX"}],"Version":"All Versions","Edition":"","Line of Business":{"code":"LOB08","label":"Cognitive Systems"}}]
Was this topic helpful?
Document Information
Modified date:
19 July 2022
UID
ibm16605265