Remote Shell Daemon

Copyright 1998 Pragma Systems, Inc.

Rshd allows remote users to execute a single command on a remote machine via any rsh client that follows the UNIX Remote Shell Daemon standard, including clients from UNIX, Linux, NT and the Pragma Systems Rsh Client for 95/98. A user password is not required to connect to the daemon. When an rsh client connects to the server, rshd uses the information in the .RHOSTS file to verify the user. See the Creating the .RHOSTS File section below for more information about the file. The .RHOSTS file check is the only security checking done in the rshd - rsh interaction. For the additional security of password checking, use Pragma Systems' Remote Execute Daemon and any rexec client. Logon successes and failures will be recorded in the Windows Application Event Log.

The Remote Shell Daemon is designed for executing a single command, such as a batch file, without having to initiate a telnet session. The client connects to the server on port 514, by default. The server authenticates the user, and if successful, executes the command, then exits. Most commands can be run on the server, including interactive commands and command shells. Some of the commands that can be run are: batch files, command shells, operating system commands, NET commands, and character output applications. Full character mode programs, such as EDIT.COM, cannot be run by the Remote Shell Daemon.

The configuration of the Remote Shell Daemon can be set using the “Configure InetD” icon, under the InetD Service, Remote Shell. The default settings for the daemon are:

Service Name: Remote Shell

Service Properties:

Service: rshd

Application: Installation Path\InetD\rshd.exe or Installation Path\InetD\rshd95.exe

Arguments:

Network Properties:

TCP/IP Port: 514

Type: console

Protocol: tcp

 

CREATING THE .RHOSTS FILE:

The .RHOSTS file is a text file of authorized machines and users. Each line of the file should consist of a hostname, or IP address, and username separated by at least one space. The username can be in the format of Domain\Username. Wildcards, using the *, can be used to specify multiple machines or users with a single line.

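Example:

    Hostname or IP    Username          Meaning
    ---------------   ---------------   -----------------------------------------
    ClientHost        rshUser
    Hostname          domain\rshUser
    *                 rshUser           rshUser can connect from any machine
    host.domain.com   *                 any user can connect from host.domain.com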

The file should be located in the %SystemRoot% directory. For Windows NT the file could also be located in the %SystemRoot%\System32\drivers\etc directory.

In many text editors you cannot create a file beginning with a period (.), so you must first create the file under another name (say, RHOSTS), and then use the rename command from the command line to change it to .RHOSTS. (Example: rename C:\WINDOWS\RHOSTS .RHOSTS)
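An added example, not part of Pragma's documentation or product: a Python script that parses .RHOSTS text in the two-field format described above and flags entries whose wildcards widen access, which matters because on NT a command that passes the .RHOSTS check runs under the System Account. The severity labels, the handling of partial wildcards such as 10.1.2.*, and the sample file contents are assumptions made for illustration.

```python
"""Audit .RHOSTS text for entries that widen who may run commands via rshd."""

# Constructed sample: the first four lines mirror the page's example entries,
# the last two are made up to exercise the partial-wildcard and error paths.
SAMPLE_RHOSTS = """\
ClientHost       rshUser
Hostname         domain\\rshUser
*                rshUser
host.domain.com  *
10.1.2.*         DOMAIN\\*
orphanhost
"""

def parse_rhosts(text):
    """Yield (line_no, host, user); user is None when the field is missing."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        fields = raw.split()      # fields are separated by at least one space
        if not fields:
            continue              # skip blank lines
        host = fields[0]
        user = fields[1] if len(fields) > 1 else None
        yield line_no, host, user

def audit_rhosts(text):
    """Return (line_no, severity, message) findings; severities are assumed labels."""
    findings = []
    for line_no, host, user in parse_rhosts(text):
        if user is None:
            findings.append((line_no, "error", f"no username for host {host!r}"))
        elif host == "*" and user == "*":
            findings.append((line_no, "critical", "any user from any machine"))
        elif host == "*":
            findings.append((line_no, "high", f"{user!r} accepted from any machine"))
        elif user == "*":
            findings.append((line_no, "high", f"any user accepted from {host!r}"))
        elif "*" in host or "*" in user:
            # Assumption: a * inside a longer field also matches multiple values.
            findings.append((line_no, "medium", f"partial wildcard: {host} {user}"))
    return findings

if __name__ == "__main__":
    for line_no, severity, message in audit_rhosts(SAMPLE_RHOSTS):
        print(f"line {line_no}: [{severity}] {message}")
```

To check a real file, read its contents and pass the text to audit_rhosts.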

 

NT/2000/XP/.NET LIMITATIONS:

Since a password is not provided in the rshd - rsh interaction, user context cannot be set to the given user in NT, due to NT password requirements. After passing the .RHOSTS file check, the command is run under the NT System Account. Use Pragma's rexecd and any rexec client to run a command with user context.

Since rshd runs commands under the NT System Account and does not set up user context, any command which requires a logon session, such as net config wksta, results in an error message.

 

95/98 LIMITATIONS:

Any command run by the Remote Shell Daemon will run as the user who is logged on locally.