Saturday, May 05, 2012

Configuring the rsh services in AIX


Step 1

Uncomment the following line in "/etc/inetd.conf":

shell   stream  tcp6    nowait  root    /usr/sbin/rshd         rshd



#  vi /etc/inetd.conf



## service  socket  protocol  wait/  user    server    server program
##  name     type             nowait         program     arguments
##
ftp     stream  tcp6    nowait  root    /usr/sbin/ftpd         ftpd
telnet  stream  tcp6    nowait  root    /usr/sbin/telnetd      telnetd -a 

shell   stream  tcp6    nowait  root    /usr/sbin/rshd         rshd


Step 2

After making the changes in "/etc/inetd.conf", you need to refresh the inetd daemon.

  # refresh -s inetd



Step 3

 
Add the hosts from which you want to connect to the .rhosts file on the server.

#  cd   ~

# vi .rhosts

server1
server2
server3










Also check the permissions of this file; they should be 600.

* Make sure that both files (/etc/hosts.equiv and /.rhosts) have
permissions of 600; they are ignored otherwise.

For non-root users, you need to add the hosts to the /etc/hosts.equiv file.

/.rhosts is used for root rsh attempts.
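
The three settings from the steps above (the rshd line in inetd.conf, the mode of the trust files, and the hosts they list) can be checked with a short script. This is an added example, not part of the original post; the function names are hypothetical, and it assumes a POSIX sh with awk, ls and mktemp.

```sh
# Added example: audit the rsh settings from steps 1-3 (helper names are hypothetical).

# Succeeds if the inetd config has an uncommented "shell" line that runs rshd.
rsh_enabled() {
    awk '$1 == "shell" && /rshd/ { found = 1 } END { exit !found }' "$1"
}

# Succeeds if the file is a regular file with mode 600 (rw-------).
mode_is_600() {
    [ -f "$1" ] || return 1
    perms=$(ls -ld "$1" | cut -c1-10)
    [ "$perms" = "-rw-------" ]
}

# Prints the host field of every non-blank line in a trust file.
trusted_hosts() {
    awk 'NF { print $1 }' "$1"
}

# audit_rsh INETD_CONF TRUST_FILE...
# Prints one finding per line; returns 1 if any trust file is not mode 600.
audit_rsh() {
    conf=$1; shift
    rc=0
    if rsh_enabled "$conf"; then
        echo "ENABLED  rshd is active in $conf"
    else
        echo "DISABLED rshd is commented out or absent in $conf"
    fi
    for f in "$@"; do
        [ -e "$f" ] || continue
        if mode_is_600 "$f"; then
            n=$(trusted_hosts "$f" | wc -l | tr -d ' ')
            echo "OK       $f is mode 600 and trusts $n host(s)"
        else
            echo "BADMODE  $f is not mode 600"
            rc=1
        fi
    done
    return $rc
}

# Demo on constructed sample files, not real system files.
demo=$(mktemp -d /tmp/rshaudit.XXXXXX)
printf 'shell stream tcp6 nowait root /usr/sbin/rshd rshd\n' > "$demo/inetd.conf"
printf 'server1\nserver2\nserver3\n' > "$demo/rhosts"
chmod 644 "$demo/rhosts"
audit_rsh "$demo/inetd.conf" "$demo/rhosts" || echo "fix the findings above"
rm -rf "$demo"
```

On a real host the call would be audit_rsh /etc/inetd.conf /.rhosts /etc/hosts.equiv, using the paths named in the steps above.
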

Password-less ssh authentication

Why use it?

1. Suppose you are a system admin and you jump from one server to another frequently. That means that every time you jump you have to give the password, which can be tough if the passwords are complex.

2. Suppose you are scheduling cron jobs and backup scripts that need to log in to remote servers. In this situation you can use password-less authentication.


How to configure password-less ssh authentication?

Step 1: First, create the public and private keys using the "ssh-keygen" command on server1.



[abhi@server1] $   ssh-keygen

Generating public/private rsa key pair.
Enter file in which to save the key (/home/abhi/.ssh/id_rsa):[Enter key]
Enter passphrase (empty for no passphrase): [Press enter key]
Enter same passphrase again: [Press enter key]
Your identification has been saved in /home/abhi/.ssh/id_rsa.
Your public key has been saved in /home/abhi/.ssh/id_rsa.pub.

The key fingerprint is:
34:b3:de:af:56:68:18:18:34:d5:de:67:2fdf2:35:g7 abhi@server1


This command creates two files in the ".ssh" directory inside your home directory (in this case, /home/abhi/.ssh):


 1.   id_rsa -- this file contains the private key.
 2.   id_rsa.pub -- this file contains the public key.


Step 2: Copy the public key to the second server (let its IP be 192.168.20.1) using the "ssh-copy-id" command.

[abhi@server1] $ ssh-copy-id -i  ~/.ssh/id_rsa.pub  192.168.20.1

abhi@server2's password:
Now try logging into the machine, with "ssh 'remote-host'", and check in:

.ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

Note: ssh-copy-id appends the keys to the remote host’s .ssh/authorized_keys file.

Step 3: Log in to the remote host (192.168.20.1) without entering the password.
 
[abhi@server1]  $ ssh  192.168.20.1
Last login: Sun April16 12:18:12 2012 from 192.168.20.1







It doesn't ask for a password.


cheers