
RSH - the legacy remote shell tool

The rsh (remote shell) program was a tool for running a command on a remote computer. It has since been superseded by ssh. Everyone who still has rsh enabled is encouraged to immediately disable it for important security reasons.

The rsh tool was introduced in BSD Unix in the 1980s. It was an important tool at the time, but it suffered from several shortcomings. Its security was poor, and its usability wasn't great.

Security Issues in rsh

rsh used .rhosts files and /etc/hosts.equiv for authentication. These methods relied on IP addresses and DNS (Domain Name System) for authentication. However, spoofing IP addresses is fairly easy, especially if the attacker is on the local network, and at the time it could even be done remotely.

Furthermore, the .rhosts files were stored in users' home directories, which were typically stored on NFS (Network File System) volumes. The security of NFS at that time was poor (and still is, in many installations).
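As an added example (not part of the original article), the following Python code audits the trust files described above and flags the entries that widen trust the most. The sample file contents, host names and function names are constructed for illustration; it assumes the conventional one-entry-per-line `host [user]` format, with `+` as a wildcard, `+@name` as a netgroup and a leading `-` as a deny entry.

```python
import os

SAMPLE_RHOSTS = """\
# constructed sample, not from a real system
build01.example.com alice
+ +
backup.example.com +
-untrusted.example.com
+@admins bob
"""

def classify_entry(line):
    """Classify one .rhosts / hosts.equiv line; None for blanks and comments."""
    fields = line.split()
    if not fields or fields[0].startswith("#"):
        return None
    host = fields[0]
    user = fields[1] if len(fields) > 1 else ""
    if host.startswith("-") or user.startswith("-"):
        return ("info", "deny entry")
    if host == "+":
        return ("critical", "any host is trusted")
    if user == "+":
        return ("high", "any remote user on this host is trusted")
    if host.startswith("+@") or user.startswith("+@"):
        return ("review", "netgroup entry; check its membership")
    return ("review", "trust rests on source address/DNS only")

def audit_text(text):
    """Return [(line_number, severity, reason, raw_line)] for a trust file."""
    findings = []
    for number, raw in enumerate(text.splitlines(), start=1):
        result = classify_entry(raw)
        if result:
            findings.append((number, *result, raw.strip()))
    return findings

def audit_tree(home_root, equiv_path="/etc/hosts.equiv"):
    """Audit hosts.equiv plus every <home_root>/<user>/.rhosts that exists."""
    paths = [equiv_path]
    paths += [os.path.join(home_root, d, ".rhosts") for d in sorted(os.listdir(home_root))]
    report = {}
    for path in paths:
        if os.path.isfile(path):
            with open(path, encoding="utf-8", errors="replace") as handle:
                report[path] = audit_text(handle.read())
    return report

if __name__ == "__main__":
    for number, severity, reason, raw in audit_text(SAMPLE_RHOSTS):
        print(f"line {number}: [{severity}] {reason}: {raw}")
```

Every remaining "review" entry is still address-based trust, so the audit is a step toward removing the files and disabling rsh, not a way to make them safe.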

Usability Issues in rsh

End users commonly wanted to use rsh to open a terminal window on a remote computer. They then wanted to run arbitrary applications from the remote server, including editors and graphical tools. To do this, they needed to set the user's DISPLAY environment variable appropriately and allow access to their local X terminal. This was cumbersome.

SSH differed from rsh by setting the DISPLAY environment variable automatically. It also automatically created secure authentication tokens for X11 authentication and did it in a way that prevented rogue servers from using those credentials after the session terminated. This was a major convenience, which helped push universities and companies into using SSH instead of rsh.