rsh -x sending command in the clear?

Sam Hartman hartmans at MIT.EDU
Wed May 29 00:35:38 EDT 2002


>>>>> "Will" == Will Fiveash <william.fiveash at sun.com> writes:

    Will> I was doing some kerberized rsh testing using MIT 1.2.5 and
    Will> I noticed when doing:

    Will>     /usr/local/bin/rsh -x myhost.com 'echo hello'

    Will> that the 'echo hello' command is sent in the clear to the
    Will> remote host even though I specified the -x flag (encrypt
    Will> network session data).  Is this expected behavior?  If so,
    Will> it seems to me that the rsh man page and the string output
    Will> by rsh, "This rsh session is using DES encryption for all
    Will> data transmissions.", should mention the command is being
    Will> sent in the clear.

This is expected behavior.  The command is integrity checked but not
encrypted.  If GSS ssh weren't so far along, it might be worth fixing
this.  But hopefully we will soon be able to start thinking about
phasing out rsh in favor of ssh.

You should file a bug on the man page and message.




More information about the Kerberos mailing list