Radio Shack FC-241 Configuring a Router to Use rsh, Maintaining rsh Security, Communications

Page 9

Configuring Additional File Transfer Functions

Configuring a Router to Use rsh and rcp

This feature is enabled by default. You can disable the DNS check for RCMD (rsh and rcp) access using the the following command in global configuration mode:

Command

Purpose

 

 

no ip rcmd domain-lookup

Disables Domain Name Service (DNS) lookup for rsh and rcp

 

communications.

 

 

Configuring a Router to Use rsh

You can use rsh to execute commands on remote systems to which you have access. When you issue the rsh command, a shell is started on the remote system. The shell allows you to execute commands on the remote system without having to log in to the target host.

You do not need to connect to the system, router, or access server and then disconnect after you execute a command if you use rsh. For example, you can use rsh to remotely look at the status of other devices without connecting to the target device, executing the command, and then disconnecting. This capability is useful for looking at statistics on many different routers.

Maintaining rsh Security

To gain access to a remote system running rsh, such as a UNIX host, an entry must exist in the system’s .rhosts file or its equivalent identifying you as a user who is authorized to execute commands remotely on the system. On UNIX systems, the .rhosts file identifies users who can remotely execute commands on the system.

You can enable rsh support on a router to allow users on remote systems to execute commands. However, our implementation of rsh does not support an .rhosts file. Instead, you must configure a local authentication database to control access to the router by users attempting to execute commands remotely using rsh. A local authentication database is similar to a UNIX .rhosts file. Each entry that you configure in the authentication database identifies the local user, the remote host, and the remote user.

Configuring the Router to Allow Remote Users to Execute Commands Using rsh

To configure the router as an rsh server, use the following commands in global configuration mode:

 

Command

Purpose

Step 1

 

 

ip rcmd remote-hostlocal-username {ip-address

Creates an entry in the local authentication database

 

host} remote-username [enable [level]]

for each remote user who is allowed to execute rsh

 

 

commands.

Step 2

 

 

ip rcmd rsh-enable

Enables the software to support incoming rsh

 

 

commands.

 

 

 

To disable the software from supporting incoming rsh commands, use the no ip rcmd rsh-enablecommand.

Cisco IOS Configuration Fundamentals Configuration Guide, Release 12.1

FC-249

Page 8 Page 10
Image 9
Page 8 Page 10
Contents Configuring a Router as a Server Additional Functions Task ListFC-241 Configuring a Router as a Tftp Server Performing Prerequisite TasksFC-242 FC-243 Configuring the ServerFC-244 Configuring the Client RouterClient show version FC-245Configuring a Router as a Rarp Server Configures the router as a Rarp serverFC-246 FC-247 Router a has the following configurationDisabling DNS Reverse Lookup for Rcmd Configuring a Router to Use rsh and rcpOutgoing rsh and rcp traffic FC-248Disables Domain Name Service DNS lookup for rsh and rcp Configuring a Router to Use rshMaintaining rsh Security CommunicationsFC-250 Executing Commands Remotely Using rshFC-251 Configuring a Router to Use rcpFC-252 Configuring the Remote to Send rcp RequestsFTP Configuration Task List Configuring a Router to Use FTP ConnectionsConfiguring FTP Connections FC-253FC-254
Top Page Image Contents