RSH

Remote shell protocol (RSH) is used for remote command execution and is the only protocol supported on your storage system. It is even less secure than TFTP and uses TCP port 514.

RSH is not secure because passwords are not required for login and commands are easy to misconfigure. If possible, RSH should be disabled by setting the rsh.enable option to off.

You should use the SSH supplied with SecureAdmin for remote command execution and login. If this is not possible, Telnet is preferred to RSH.

If RSH is the only alternative, follow these guidelines when using RSH:

Specify only secure, trusted hosts in the /etc/hosts.equiv file.
Always use IP addresses rather than host names in the /etc/hosts.equiv file.
Always specify a single IP address with a single user name on each line in /etc/hosts.equiv file.
Use the rsh.access option instead of the trusted.hosts option for access control.
Make sure the ip.match_any_ifaddr option is set to off.

Parent topic: IP port usage on a storage system