Using rlogin, rsh, and rexec with PAM

For security reasons, rexec, rsh, and rlogin are not enabled by default in Red Hat Linux 7.1. You should use the OpenSSH suite of tools instead. Information concerning the OpenSSH tools can be found in Chapter 11 and the Official Red Hat Linux Customization Guide.

If you must use rexec, rsh, and rlogin, and if you need to use them as root, you will need to make a few modifications to the /etc/securetty file. All three of these tools have PAM configuration files that require the PAM module, so you must edit /etc/securetty to allow root access.

Before you can log in as root using these tools, you first have to have them properly set up. First, install the rsh-server RPM, which is included with Red Hat Linux 7.1. See the Official Red Hat Linux Customization Guide if you need assistance using RPM.

Next, run ntsysv and enable rexec, rsh, and rlogin. See the ntsysv man page if you need help using this tool.

Finally, restart xinetd with /sbin/service xinetd restart to activate the ntsysv changes. At this point, all users except root will be able to use rexec, rsh, and rlogin.

To allow root to use these tools, add the names of the tools you wish to allow to the /etc/securetty. If you wanted to enable root login using rexec, rsh, and rlogin, add the following lines to /etc/securetty:


To allow root to log in using these tools via telnet (an even worse idea but necessary in some environments), add a few more lines: