Rsh security is not guaranteed, all passwords are transmitted in plain text, if the server has a large number of external services, it is recommended not to use this protocol
We use CentOS system when installing RAC, each node needs to be configured relationship of mutual trust, so rsh, rlogin, rcp commands do not need to enter a password can operate other nodes.
PS: The following steps are required to operate the two machines
Pre-conditions:
Turn off the firewall
Close selinux
1, first install the required packages on two machines:
yum -y install rsh rsh-server xinetd
2, the configuration / etc / hosts Analysis:
Ip host hostname
3, edit the file /etc/hosts.equiv
The host name is written into two, one host name per line
4, in the user's home directory editor .rhosts file
vim .rhosts
The two hosts were written in, its own line
5, edit / etc / securetty additional three lines of text inside:
echo rsh >>/etc/securetty
echo rlogin >>/etc/securetty
echo rexec >>/etc/securetty
6, in /etc/xinetd.d/ directory, add two configuration files are as follows:
cat /etc/xinetd.d/rsh
# default: on
# # # description: The rshd server is the server for the rcmd(3) routine and,
# # # consequently, for the rsh(1) program. The server provides
# # # remote execution facilities with authentication based on
# # # privileged port numbers from trusted hosts. service shell
service shell
{
disable = no
socket_type = stream
wait = no
user = root
log_on_success += USERID
log_on_failure += USERID
server = /usr/sbin/in.rshd
}
cat /etc/xinetd.d/rlogin
# default: on
# # description: rlogind is the server for the rlogin(1) program. The server
# # provides a remote login facility with authentication based on
# # privileged port numbers from trusted hosts. service login
service login
{
disable = no
socket_type = stream
wait = no
user = root
log_on_success += USERID
log_on_failure += USERID
server = /usr/sbin/in.rlogind
}
7, restart the xinetd service:
systemctl restart xinetd.service
8, 514 queries whether the port is listening:
netstat -an | grep 514
tcp6 0 0 :::514 :::* LISTEN
9, test whether you can access without a password:
rsh hostname