The rlogin and rsh are the remote login services provided by Linux. These services can be used to log in to a remote system and execute commands on it. Rlogin uses a hidden file called .rhosts that is present on the host machine. This file allows a machine to login without a password. This article describes how this rlogin service can be enabled on a machine to allow other machines to login to the system.
The rlogin and rsh services are controlled by xinetd. Xinetd is a super daemon. Super daemon means that it manages other daemons or other services. Rlogin service is a xinetd managed service. It means that rlogin depends upon xinetd service. Thus, in order to enable or disable a service controlled by xinetd, we need to check the configuration of xinetd. The configurations of services controlled by xinetd reside in "/etc/xinetd.d" directory. The configuration file for rlogin/rsh is /etc/xinetd.d/rsh or in some newer versions of Linux, it might be /etc/xinetd.d/klogin file. This file looks like this:
# default: off
# description: The kerberized rlogin server accepts BSD-style rlogin sessions, \
# but uses Kerberos 5 authentication.
flags = REUSE
socket_type = stream
wait = no
user = root
server = /usr/kerberos/sbin/klogind
server_args = -5
disable = yes
This service is disabled by default. To enable it, change the value of "disable" to "no". Now restart the xinetd service so that the changes are read by the xinetd daemon:
$ service xinetd restart
Stopping xinetd: [ OK ]
Starting xinetd: [ OK ]
That's all you need to enable rlogin. You can check with the following command:
raghu@Inspiron-1440:~$ rlogin 192.168.1.10
Last login: Thu Nov 1 10:19:29 2012 from 192.168.1.15
[raghu@redhat-server ~]$ ls
Now you can execute all the commands at the rlogin server at 192.168.1.10.
You might also consider checking the iptables firewall setting at the server if you are not able to access the service.
In the ~/.rhosts file, the best permissions for this file are:
The client names stored in this file are full names such as