Corinna Vinschen writes: > Personally I agree with Takashi, btw. Linux still provides the old r* > tools including rsh-server. There may still be legit uses of the tools > in controlled environments. if we remove all packages which can be used > to shoot yourself in the foot, there's not much left, I guess.
I would normally agree, but in this particular case I've never seen an environment controlled enough to allow this safely and certainly not anywhere near anything running Windows. I'm not saying it isn't possible or it doesn't exist, it's just that setting it up is going to take more work than using SSH. If the real reason is legacy equipment (I actually have to deal with that, just not with rsh specifically), then I'd rather put an access relay in front of it than compromise my entire network. This stuff usually has a bunch of other quirks/problems that you don't want to expose. > As a compromise, we could continue to provide the client package and > just discontinue the server package, but it's your choice. You'd still send all sensitive information over the network. I've just checked and openSUSE no longer offers the netkit tools. There are packages for mrsh (using munge authentication) and compat packages providing rsh/rcp and the respective daemons. Debian optionally replaces the rsh-server with rsh-redone-server and rsh-client with openssh-client (i.e. these provide some or all functionality of the corresponding netkit packages). Regards, Achim. -- +<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+ Wavetables for the Terratec KOMPLEXER: http://Synth.Stromeko.net/Downloads.html#KomplexerWaves
