rsh vs ssh
Hi all...
We are planing to migrate our applications from Unix to Linux.... rhs was used in shell scripts, shell scripts poll the backup database which sits on different server, when we migrate from unix to linux both primary and backup databases sit on same server... Is it necessary to change rhs to ssh in shell scripts ? Can anyone please suggest ? Thanks in advance... |
It is not mandatory but highly recommended. rsh does not use encryption for data transfer. ssh uses and hence more secure.
|
Quote:
Will there be much syntax differences between rsh and ssh ? Also i did not find rshd daemon in fedora 9 ? rsh client is present...does rsh uses any other daemon ? |
I haven't used rsh for many years, but from memory, the ssh implements the same syntax as rsh (while adding extra features).
For example Code:
ssh -l user host Code:
ssh user@host Evo2. |
No. As said much of the syntax should work in ssh as with rsh. But you should work with man pages to be sure.
|
Which backup app is it? I previously did the same thing, then everything went fine.
|
Quote:
|
Just a further comment on rsh vs. ssh -- even if I were not changing OS's, I would change from rsh to ssh. rsh is not secure for many reasons. It basically means that if anyone gets into one of your machines, they've got them all.
I use Amanda for backup. One option with it is to use ssh authentication and connections between backup server and clients. You can set up public key authentication, and you can restrict the keys. So, for example, the backup user on the server has a public key which is distributed to the clients. The client's backup user implements those keys with restrictions that allow them to be used only with one particular command (for backing up) and blocking portforwarding, x forwarding, etc. When I set something up like that, I typically reference http://sial.org/howto/openssh/publickey-auth/. The man page for sshd(8), `man -s 8 sshd`, also has details under Authorized_keys File Format. You end up with the ease of use of rsh, automatic login without passwords for automatic processes like backup, but with secure restrictions so that if someone were to break into one machine they wouldn't have access or free reign on any other machine. |
All times are GMT -5. The time now is 07:00 PM. |