4.5. Replacing R-Commands with SSH
SSH and the r-commands (rsh, rcp, rlogin) can coexist peacefully on the same machine. Since the r-commands are insecure (they trust the client's network address and host-based trust files, and send everything, passwords included, in the clear), some system administrators prefer to replace them with their SSH counterparts (ssh, scp, slogin). This replacement has two parts:
- Installing SSH and removing rsh, rcp, and rlogin; this requires some user retraining
- Modifying other programs or scripts that invoke the r-commands
The r-commands are so similar to their SSH analogs that you might be tempted simply to rename the SSH commands as the r-commands (e.g., rename ssh as rsh, and so on). After all, common commands like these are practically identical in syntax:
$ rsh -l jones remote.example.com
$ ssh -l jones remote.example.com
$ rcp myfile remote.example.com:
$ scp myfile remote.example.com:
Why not just rename? Because the two sets of programs are incompatible in some ways. For example, not all versions of ssh support the "hostname link" feature of rsh [Section 2.7.3, "Hostname Links"], and some old versions of rcp use a different syntax for specifying remote filenames. A script that depends on either would break once the renamed ssh took over, and the rename would hide the fact that the script had not really been converted.
In the following sections, we discuss some common Unix programs that invoke the r-commands and how to adapt them to use SSH instead.
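Before adapting programs one by one, it helps to know which scripts on the machine still call the r-commands at all. The following is an added audit script, not code from the book: it reports every whole-word mention of rsh, rcp or rlogin in text files under the directories you name, plus every symbolic link that points at one of those binaries (a /usr/hosts directory shows up this way). The directories it is pointed at, and the sample files in the usage note, are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example (not from the book): list places that still invoke the
# r-commands so they can be converted to ssh, scp and slogin.
# Assumption: you point it at the directories where local scripts, cron
# jobs and per-host links live, e.g. /usr/local/bin /etc/cron.d /usr/hosts.

# list_rcommand_uses DIR...
# Prints FILE:LINE:TEXT for each whole-word occurrence of rsh, rcp or
# rlogin in a text file under DIR, and "LINK: symlink to TARGET" for each
# symbolic link whose target is one of those programs.
# Returns 0 if anything was found, 1 if the directories are clean.
list_rcommand_uses() {
    out=$(
        for dir in "$@"; do
            # -r recurse, -I skip binaries, -n line numbers, -w whole words
            # only, so "marshal" or "rsync" do not count as hits.
            grep -r -I -n -w -E 'rsh|rcp|rlogin' "$dir" 2>/dev/null
            # Symbolic links such as /usr/hosts/petunia -> /usr/ucb/rsh
            find "$dir" -type l 2>/dev/null | while read -r link; do
                target=$(readlink "$link")
                case "$target" in
                    rsh|rcp|rlogin|*/rsh|*/rcp|*/rlogin)
                        echo "$link: symlink to $target" ;;
                esac
            done
        done
    )
    [ -n "$out" ] || return 1
    printf '%s\n' "$out"
}

# Usage: sh list_rcommand_uses.sh /usr/local/bin /etc /usr/hosts
if [ "$#" -gt 0 ]; then
    list_rcommand_uses "$@"
fi
```

Run it against /usr/local/bin, /etc and /usr/hosts (or wherever local scripts and cron jobs live) and work through the hits; a non-zero exit means nothing was found, which makes it usable as a check in a post-install script.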
4.5.1. The /usr/hosts Directory
The program rsh has an interesting feature called hostname links [Section 2.7.3, "Hostname Links"]. If you rename the executable from "rsh" to something else, the program treats its new name as a hostname and connects to it by default. For example, if you rename rsh as "petunia," then invoking petunia executes rsh petunia. The renaming may be done literally or by creating a hard link or symbolic link to rsh:
$ ls -l petunia
lrwxrwxrwx 1 root 12 Jan 31 1996 petunia -> /usr/ucb/rsh
$ petunia
Welcome to petunia!
Last login was Wed Oct 6 21:38:14 from rhododendron
You have mail.
Some Unix machines have a directory, commonly /usr/hosts, that contains symbolic links to rsh representing various hosts on the local network (or beyond):
$ ls -l /usr/hosts
lrwxrwxrwx 1 root 12 Jan 31 1996 lily -> /usr/ucb/rsh
lrwxrwxrwx 1 root 12 Jan 31 1996 petunia -> /usr/ucb/rsh
lrwxrwxrwx 1 root 12 Jan 31 1996 rhododendron -> /usr/ucb/rsh
...
If you remove /usr/ucb/rsh from such a machine, these links are left dangling. Delete them and replace them with links to ssh, perhaps with a shell script like this one. (This works only if your ssh client implements hostname links; if it doesn't, each entry has to be a small wrapper script that runs ssh with the hostname instead.)
#!/bin/sh
# Replace each dangling link in /usr/hosts with a link to ssh.
# Only symbolic links are touched; ordinary files are left alone.
SSH=/usr/local/bin/ssh
cd /usr/hosts || exit 1
for file in *
do
    [ -L "$file" ] || continue
    rm -f "$file"
    ln -s "$SSH" "$file"
    echo "Linked $file to $SSH"
done
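If your ssh client doesn't implement hostname links, a symbolic link named petunia just runs ssh with no host, so the link trick above doesn't carry over. The following is an added example, not code from the book, that rebuilds a /usr/hosts-style directory as tiny wrapper scripts instead: each one runs ssh with its own name as the hostname, so "petunia -l jones" still means "ssh petunia -l jones". It assumes the directory and the ssh path are passed as arguments, that every symbolic link in the directory is named for a host (as in the listing above), and that your ssh accepts options after the hostname the way rsh does.

```shell
#!/bin/sh
# Added example (not from the book): rebuild a /usr/hosts-style directory
# as wrapper scripts rather than symbolic links, for ssh clients that do
# not implement hostname links. Assumptions: the directory and the ssh
# path are given as arguments, and every symbolic link in the directory is
# named for a host.

# make_host_wrappers DIR SSH
# For each symbolic link in DIR, replace it with an executable script of
# the same name that runs "SSH name args...". Ordinary files are left
# alone. Returns 1 if DIR does not exist or SSH is not executable.
make_host_wrappers() {
    dir=$1
    ssh=$2
    [ -d "$dir" ] || { echo "make_host_wrappers: no such directory: $dir" >&2; return 1; }
    [ -x "$ssh" ] || { echo "make_host_wrappers: $ssh is not executable" >&2; return 1; }
    for link in "$dir"/*; do
        [ -L "$link" ] || continue        # only the old rsh links
        host=${link##*/}                  # the link's name is the hostname
        rm -f "$link"
        # The generated script single-quotes both values so that neither
        # is expanded or split when the wrapper runs.
        {
            echo '#!/bin/sh'
            echo '# Generated replacement for an rsh hostname link.'
            printf "exec '%s' '%s' \"\$@\"\n" "$ssh" "$host"
        } > "$link"
        chmod 755 "$link"
        echo "Wrapped $host -> $ssh"
    done
}

# Usage: sh make_host_wrappers.sh /usr/hosts /usr/local/bin/ssh
if [ "$#" -eq 2 ]; then
    make_host_wrappers "$1" "$2"
fi
```

Each generated file is three lines, e.g. exec '/usr/local/bin/ssh' 'petunia' "$@", so rsh-style invocations such as petunia -l jones command keep working, and the wrappers are plain text you can audit later.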
4.5.2. Concurrent Versions System (CVS)
CVS is a version-control system. It maintains a history of changes to sets of files, and helps coordinate the work of multiple people on the same files. It can use rsh to connect to repositories on remote hosts. For example, when you check in a new version of a file:
$ cvs commit myfile
if the repository is located on a remote machine, CVS may invoke rsh to access the remote repository. For a more secure solution, CVS can run ssh instead of rsh. Of course, the remote machine must be running an SSH server, and if you use public-key authentication, your remote account must contain your key in the appropriate place. [54]
To make CVS use ssh, simply set the environment variable CVS_RSH to the path of your ssh client:
# Bourne shell family
# Put in ~/.profile to make permanent.
CVS_RSH=/usr/local/bin/ssh
export CVS_RSH
# C shell family
# Put in ~/.login to make permanent.
setenv CVS_RSH /usr/local/bin/ssh
This approach has one problem: the name recorded in the log for each check-in is that of the remote account owner, which might not be your own. The problem is solved by setting the remote LOGNAME variable with the "environment=" option in your remote authorized_keys file [Section 8.2.6.1, "Example: CVS and $LOGNAME"]. Note that an OpenSSH server ignores environment= options in authorized_keys unless PermitUserEnvironment is set to yes in sshd_config; it is off by default.
4.5.3. GNU Emacs
The Emacs variable remote-shell-program contains the path to any desired program for invoking a remote shell. Simply redefine it to be the full path to your ssh executable. Also, the rlogin package, rlogin.el, defines a variable rlogin-program, which you can redefine to use slogin.
4.5.4. Pine
The Pine mail reader uses rsh to invoke mail-server software on remote machines. For example, it might invoke the IMAP daemon, imapd, on a remote mail server. Another program may be substituted for rsh by changing the value of a Pine configuration variable, rsh-path. This variable holds the name of the program for opening remote shell connections, normally /usr/ucb/rsh. A new value may be assigned in an individual user's Pine configuration file, ~/.pinerc, or in the system-wide Pine configuration file, typically /usr/local/lib/pine.conf. For example:
# Set in a Pine configuration file
rsh-path=/usr/local/bin/ssh
A second variable, rsh-command, constructs the actual command string to be executed for the remote mail server. The value is a pattern in the style of the C function printf( ). Most likely, you won't need to change the value, because both rsh and ssh fit the default pattern, which is:
"%s %s -l %s exec /etc/r%sd"
The first three "%s" pattern substitutions refer to the rsh-path value, the remote hostname, and the remote username. (The fourth forms the remote mail daemon name, which doesn't concern us.) So by default, if your username is alice and the remote mail server is mail.example.com, rsh-command evaluates to:
/usr/ucb/rsh mail.example.com -l alice ...
By changing rsh-path, it becomes instead:
/usr/local/bin/ssh mail.example.com -l alice ...
As we said, you probably don't need to do anything with rsh-command, but we've included it for reference. We present a detailed case study of integrating Pine and SSH1 later. [Section 11.3, "Pine, IMAP, and SSH"]
4.5.5. rsync, rdist
rsync and rdist are software tools for synchronizing sets of files between different directories on the same machine or on two different hosts. Both can call rsh to connect to a remote host, and both can easily use SSH instead: set the RSYNC_RSH environment variable (or pass the -e option on the command line) for rsync, and use the -P option for rdist, giving each the path to your ssh client. rsync with SSH is a particularly simple and effective method to securely maintain remote mirrors of whole directory trees. For unattended mirrors run from cron, ssh must be able to authenticate without prompting, typically with public-key authentication.