Rush Logo Rush Render Queue - RSH Configuration
(C) Copyright 1995,2005 Greg Ercolano. All rights reserved.
V 103.07b 05/11/16

Configuring an rsh(1) Server for Windows

    Enabling rsh(1) is not required for Rush, but having it can
    simplify the task of administering large networks of Windows 
    machines.

    There's many freeware rsh servers for Windows, some better than
    others. (You can't expect much from any of them since Windows
    doesn't have real tty's, and its user authentication system
    was not created with tools like rsh in mind.)

    Windows comes with workable 'rsh' and 'rcp' clients which
    can be used in DOS batch scripts, and if you install an 
    rsh server service, you can make use of them.

    Here's a freeware 'rshd' (rsh daemon) from sourceforge.net
    that seems to work pretty well on Windows, and is easy to setup:

	http://sourceforge.net/projects/rshd/

    You can download the "rshd#.#-Setup.exe" from there.
    To install, see their docs. But it's pretty much just:


    WINDOWS RSHD INSTALL
    --------------------

         1) In DOS, Run:

                 rshd1.8-Setup.exe

            ..and follow the onscreen gui instructions, using all defaults.

         2) To enable rshd:

                 cd "\program files\rshd\bin"
                 rshd -install -r
                 net start rshd

         3) Commands like these should now work:

                 rsh  dir
                 rsh  hostname
		 rcp file :/temp

            ..this should work from other machines too,
            including Unix.

            This also enables 'rcp' for copying files..!

	WARNING: Using 'rshd -install -r' is the easiest thing to do,
        but is also the most insecure; it trusts any machine on your 
        network when you use -r.

        If you're behind a firewall, this should be fine..
        however if you have security issues at your site,
        you might want to leave off the -r flag, and read
        their docs carefully for a more secure config.

        I would imagine if a virus found its way onto your
        network, it could propegate pretty easily using this
        service. But hopefully you know how to keep viruses
        out to begin with.


Configuring rsh(1) on Linux


    Enabling rsh(1) is not required for Rush, but having it enabled
    can simplify the task of administering large networks.

    Enabling rsh under linux so that it runs as root is a little
    tricky, because of all the security they've added to the OS:

         1. Add 'rsh' and 'rlogin' to /etc/securetty
         2. Add all IPs to /root/.rhosts, and chmod 600 /root/.rhosts
         3. Set "disable = no" in /etc/xinetd.d/{rsh,rlogin}
         4. chkconfig xinetd on ; /etc/init.d/xinetd restart

    This assumes rsh/xinetd/rsh-server packages are installed.
    These are enabled by default for a redhat9.0 'server' install,
    not sure about a 'workstation' config. If you need to install these
    packages, use the "rpm -ivh" commands.

    Tweaking /etc/hosts.equiv and the pam files is not necessary if 
    you use the above. No tweak to pam means the '+' promiscuous shortcut
    can't be used in /root/.rhosts, but it's pretty trivial to stick all
    the IP addresses in there with something like:

	perl -e 'for($t=1;$t<255;$t++){print"192.168.0.$t\n";}' > /root/.rhosts
	chmod 600 /root/.rhosts
        
    Be sure to disable (or configure) the software firewall
    so that it does not prevent the rsh protocol from working.

    You should then be able to run commands as root from other
    machines to this one, eg:

        rcp -rp /usr/local/rush newhost:/usr/local/rush
	rsh newhost /usr/local/rush/etc/bin/install.sh
	rsh newhost /usr/local/rush/etc/S99rush restart


Configuring rsh(1) on Mac/OSX

    Enabling rsh(1) is not required for Rush, but having it enabled
    can simplify the task of administering large networks.

    Enabling rsh on the mac is easy; run these commands as root:

	service shell start
	service login start
	echo + >  /var/root/.rhosts
	chmod 600 /var/root/.rhosts

    Be sure to disable (or configure) the software firewall
    so that it does not prevent the rsh protocol from working.

    NOTE: If you're on one of the newer OSX releases (eg. Mountain Lion)
    that doesn't have the 'service' command, you can use these commands
    instead:

	launchctl start com.apple.rshd
	launchctl start com.apple.logind
	echo + >  /var/root/.rhosts
	chmod 600 /var/root/.rhosts

    Either way, you should then be able to run commands as root from
    other machines to this machine, eg:

        rcp -rp /usr/local/rush newhost:/usr/local/rush
	rsh newhost /usr/local/rush/etc/bin/install.sh
	rsh newhost /usr/local/rush/etc/S99rush restart