Ubuntu下安装rsh实现无密码访问

一：环境

1.三台服务器ubuntu14.04， 主机名分别为compute，block1和blcok2

2.两台主机hosts文件都为：

root@compute:~# cat /etc/hosts
127.0.0.1 localhost
192.168.4.132 compute
192.168.4.133 block1
192.168.4.134 block2

二：安装rsh和rsh-server（三台主机都安装），并设置启动rsh和rlogin服务

1 安装

apt-get install rsh-client rsh-server xinetd

2  ubuntu下原来没有/etc/xinetd.d/rsh文件，新建并添加内容

# default: on
# descrīption: The rshd server is the server for the rcmd(3) routine and, \
#       consequently, for the rsh(1) program.  The server provides \
#       remote execution facilities with authentication based on \
#       privileged port numbers from trusted hosts.
service shell
{
        disable = no
        socket_type             = stream
        wait                    = no
        user                    = root
        log_on_success          += USERID
        log_on_failure          += USERID
        server                  = /usr/sbin/in.rshd
}

/etc/xinetd.d/rlogin

# default: on
# descrīption: rlogind is the server for the rlogin(1) program.  The server \
#       provides a remote login facility with authentication based on \
#       privileged port numbers from trusted hosts.
service login
{
        disable = no
        socket_type             = stream
        wait                    = no
        user                    = root
        log_on_success          += USERID
        log_on_failure          += USERID
        server                  = /usr/sbin/in.rlogind
}

/etc/xinetd.d/rexec

# default: off
# descrīption: Rexecd is the server for the rexec(3) routine.  The server \
#       provides remote execution facilities with authentication based \
#       on user names and passwords.
service exec
{
        disable = no
        socket_type             = stream
        wait                    = no
        user                    = root
        log_on_success          += USERID
        log_on_failure          += USERID
        server                  = /usr/sbin/in.rexecd
}

3 重启动

root@block2:~# /etc/init.d/xinetd restart
xinetd stop/waiting
xinetd start/running, process 26181

三：建立信任文件，实现无密码访问配置

1.在root主目录下建立.rhosts文件，并在此文件内写入这两台主机的主机名

root@block1:~# cat .rhosts 
compute	root
block1	root
block2	root

注：root 验证需要/root/.rhosts文件，普通用户需要/etc/hosts.equiv文件

2.在/etc目录下建立hosts.equiv文件，并在此文件内写入作为客户端主机的主机名

root@block1:~# cat /etc/hosts.equiv 
# /etc/hosts.equiv: list  of  hosts  and  users  that are granted "trusted" r
#		    command access to your system .
compute

3 在文件/etc/securetty中

加入rsh rlogin rexec

四：配置完毕，验证配置

1.在compute服务器上直接输入rsh block1 date就可以在block1上无密码执行date命令

root@compute:~# rsh block2 date
Thu Mar 30 16:38:42 CST 2017

2.在compute上直接输入rsh block1就可以无密码登录block1

3.普通用户操作同root用户

4.还有rcp命令可以远程复制文件

至此rsh无密码访问配置完毕