rsh详细配置

1.host: 
	server 10.10.0.3 admin_dev 
	client 10.10.0.6 test_dev
	
2.两台主机同时安装rsh,rsh-server 
	yum install -y rsh rsh-server
	
3.修改两台主机配置文件 cd /etc/xinetd.d/ 
	vi rexec vi rsh vi rlogin 
	service shell
	{
		socket_type		= stream
		wait			= no
		user			= root
		log_on_success		+= USERID
		log_on_failure 		+= USERID
		server			= /usr/sbin/in.rshd
		#disable		= yes    #修改yes为no
		disable			= no
	}
	
	
4.在server主机hosts文件中添加 
	10.10.0.6 test_dev

5.在两台主机非root用户的家目录下添加(执行shell命令) 
	vi .rhosts 
	在server端添加需要远程的主机名和用户(非root) 
		例： 10.10.0.6 admin 
	在client端添加server主机的主机名和用户(非root) 
		例： 10.10.0.3 admin 
	文件.rhosts添加权限(.rhosts文件一定要放在用户的家目录下和.bash_profile同级) 
	chmod 600 .rhosts
	
6.在两台主机/etc目录下添加(无密码登录) 
	vi hosts.equiv 
	在server端添加需要远程的主机名和用户 
		例： 10.10.0.6 admin 
	在client端添加server主机的主机名和用户 
		例： 10.10.0.3 admin 
	文件.rhosts添加权限 chmod 600 /etc/hosts.equiv

7.配置server的rsh server
	修改/etc/securetty文件
		echo rsh >>/etc/securetty 
		echo rlogin >>/etc/securetty 
		echo rexec >>/etc/securetty

8. 两台主机启动xinetd 
	service xinetd start

9.监听514端口 
	netstat -an | grep 514 
	tcp 0 0 0.0.0.0:514 0.0.0.0:* LISTEN

10.关闭SELinux vi /etc/selinux/config 
	# This file controls the state of SELinux on the system. 
	# SELINUX= can take one of these three values: 
	# enforcing - SELinux security policy is enforced. 
	# permissive - SELinux prints warnings instead of enforcing. 
	# disabled - SELinux is fully disabled. 
	SELINUX=disabled 
	# SELINUXTYPE= type of policy in use. Possible values are: 
	# targeted - Only targeted network daemons are protected. 
	# strict - Full SELinux protection. 
	SELINUXTYPE=targeted
	
11.iptables开放514端口 
	iptables -A INPUT -p tcp --dport 514 -j ACCETP
	
12.查看端口是否通 
	nc -v 10.10.0.6 514 Connection to 10.10.0.6 514 port [tcp/shell] succeeded! ##端口正常通过
	
13.测试 
	rsh test_dev date Sat May 6 16:22:29 CST 2017