NAME rsh - remote shell SYNOPSIS rsh host [-l username] [-n] [-d] [-k realm] [-f | --forward | -F | --forwardable] [--Forwardable] [--noforward] [--noforwardable] [--noForwardable] [-x | --encrypt] [--noencrypt] [--noflow] [fB/-/-version] command DESCRIPTION Rsh connects to the specified host, and executes the speci- fied command. Rsh copies its standard input to the remote command, the standard output of the remote command to its standard output, and the standard error of the remote com- mand to its standard error. This implementation of rsh will accept any port for the standard error stream. Interrupt, quit and terminate signals are propagated to the remote com- mand; rsh normally terminates when the remote command does. Each user may have a private authorization list in a file .k5login in his login directory. Each line in this file should contain a Kerberos principal name of the form principal/instance@realm. If there is a ~/.k5login file, then access is granted to the account if and only if the originater user is authenticated to one of the princiapls named in the ~/.k5login file. Otherwise, the originating user will be granted access to the account if and only if the authenticated principal name of the user can be mapped to the local account name using the aname -> lname mapping rules (see krb5_anadd(8) for more details). OPTIONS -l username sets the remote username to username. Otherwise, the remote username will be the same as the local username. -x | --encrypt causes the network session traffic to be encrypted. --noencrypt disables encryption. This is useful for overriding the application defaults in the host's krb5.conf(5) file. -f | --forward The -f and --forward options cause Kerberos credentials to be forwarded to the remote machine for use by the specified command. They will be removed when command finishes. This option is mutually exclusive with the -F or --forwardable options. -F | --forwardable , --Forwardable The -F , --forwardable , and --Forwardable options cause forwardable Kerberos credentials to be forwarded to the remote machine for use by the specified command. They will be removed when command finishes. This option is mutually exclusive with the -f or --forward options. --noforward disables ticket forwarding. This is useful for over- riding the application defaults in the host's krb5.conf(5) file. --noforwardable The --noforwardable , and --noForwardable options make any forwarded tickets non-forwardable. This is useful for overriding the application defaults in the host's krb5.conf(5) file. -krealm causes rsh to obtain tickets for the remote host in realm instead of the remote host's realm as determined by krb_realmofhost(3). -d turns on socket debugging (via setsockopt(2)) on the TCP sockets used for communication with the remote host. -n redirects input from the special device /dev/null (see the BUGS section below). --noflow If rsh causes you to be logged into the remote host using rlogin(1), this option passes the --noflow option to rlogin. If you omit command, then instead of executing a single com- mand, you will be logged in on the remote host using rlo- gin(1). Shell metacharacters which are not quoted are interpreted on the local machine, while quoted metacharacters are inter- preted on the remote machine. Thus the command rsh otherhost cat remotefile >> localfile appends the remote file remotefile to the local file local- file, while rsh otherhost cat remotefile ">>" otherremotefile appends remotefile to otherremotefile. exits. Prints out the KerbNet release version of the binary and then CONFIGURATION The following defaults may be specified in the [appdefaults] or [realms] section of the krb5.conf(5) file: forwardable Whether or not any forwarded tickets should be forwardable. Takes a boolean argument. forward Whether or not to forward tickets to the remote host. Takes a boolean argument. encrypt Whether or not to encrypt the data stream. Takes a boolean argument. For example: [appdefaults] rsh = { forwardable = true forward = true encrypt = true } [realms] FUBAR.ORG = { rsh = { forward = false } } FILES /etc/hosts 7 /etc/krb5.conf file containing local host's Kerberos V5 configuration information 7 ~/.k5login (on remote host) - file containing Kerberos principals that are allowed access. SEE ALSO rlogin(1), kerberos(3), krb_sendauth(3), krb_realmofhost(3), k5login(5), krb5.conf(5) BUGS If you are using csh(1) and put a rsh(1) in the background without redirecting its input away from the terminal, it will block even if no reads are posted by the remote com- mand. If no input is desired you should redirect the input of rsh to /dev/null using the -n option. You cannot run an interactive command (like rogue(6) or Stop signals stop the local rsh process only; this is argu- ably wrong, but currently hard to fix for reasons too com- plicated to explain here.