Bad idea
You do it by putting the hostname in ~/.rhosts, but this is a _very_
bad idea. Or /etc/hosts.equiv. These files must have certain
ownership/permissions, see man ruserok.
If your app is really running rsh, instead of talking the protocol
directly, you could fool it into running ssh instead by something
like "PATH=~/bin:$PATH" and then "ln -s $(which ssh) ~/bin/rsh".
To use ssh.
1) on the machine you want to login from
2) become the user you'd like to be have login
su - <user>
3) run ssh-keygen, and don't give it a password
4) Copy ~<user>/.ssh/identity.pub to the machine
you want to login on. (Instead of identity.pub, you
may see id_rsa.pub or id_dsa.pub, depending on
what version of ssh you're using and what kind
of key is made. See below for version notes.)
5) Make the identity.pub owned by the user
you want to login as. (do this as root, or
just because you logged in as this user when
you copied it.)
chown <rem_user> identity.pub
6) Become the user you want to login as.
su - <rem_user>
7) Finish by allowing <user> to login as <rem_user>
mv identity.pub ~/.ssh/authorized_keys
chmod u=rw,g=,o= ~/.ssh/authorized_keys
8) gotcha's and tips
Now, <user> on the local machine can login as <rem_user> on the
remote machine with:
ssh <rem_user>@<remote_machine>
and otherwise do like rsh, run single commands, etc.
sshkeygen on the local machine can put the identity file somewhere else (so the local user dosen't have to have a home directory for instance). Then you'd use:
ssh -i <identityfilename> <rem_user>@r<emote_machine>
You can have problems with interoperability between different versions of ssh with different protocols. Use "-d" with ssh to find out what protocol it's trying to talk. Use "ssh-keygen -t rsa1" to talk with hosts that only support the ssh1 protocol.
|