Configuring Additional File Transfer Functions
Configuring a Router to Use rsh and rcp
This feature is enabled by default. You can disable the DNS check for RCMD (rsh and rcp) access using the the following command in global configuration mode:
Command | Purpose |
|
|
no ip rcmd | Disables Domain Name Service (DNS) lookup for rsh and rcp |
| communications. |
|
|
Configuring a Router to Use rsh
You can use rsh to execute commands on remote systems to which you have access. When you issue the rsh command, a shell is started on the remote system. The shell allows you to execute commands on the remote system without having to log in to the target host.
You do not need to connect to the system, router, or access server and then disconnect after you execute a command if you use rsh. For example, you can use rsh to remotely look at the status of other devices without connecting to the target device, executing the command, and then disconnecting. This capability is useful for looking at statistics on many different routers.
Maintaining rsh Security
To gain access to a remote system running rsh, such as a UNIX host, an entry must exist in the system’s .rhosts file or its equivalent identifying you as a user who is authorized to execute commands remotely on the system. On UNIX systems, the .rhosts file identifies users who can remotely execute commands on the system.
You can enable rsh support on a router to allow users on remote systems to execute commands. However, our implementation of rsh does not support an .rhosts file. Instead, you must configure a local authentication database to control access to the router by users attempting to execute commands remotely using rsh. A local authentication database is similar to a UNIX .rhosts file. Each entry that you configure in the authentication database identifies the local user, the remote host, and the remote user.
Configuring the Router to Allow Remote Users to Execute Commands Using rsh
To configure the router as an rsh server, use the following commands in global configuration mode:
| Command | Purpose |
Step 1 |
|
|
ip rcmd | Creates an entry in the local authentication database | |
| host} | for each remote user who is allowed to execute rsh |
|
| commands. |
Step 2 |
|
|
ip rcmd | Enables the software to support incoming rsh | |
|
| commands. |
|
|
|
To disable the software from supporting incoming rsh commands, use the no ip rcmd
Cisco IOS Configuration Fundamentals Configuration Guide, Release 12.1
