ACL Authentication of Incoming rsh and rcp Requests
|
|||||||||||
Contents ACL Authentication of Incoming rsh and rcp RequestsLast Updated: May 14, 2011
This document describes the ACL Authentication of Incoming RSH and RCP Requests feature in Cisco IOS Release 12.2(8)T. Finding Feature InformationYour software release may not support all the features documented in this module. For the latest feature information and caveats, see the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the Feature Information Table at the end of this document. Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required. Overview of ACL Authentication of Incoming rsh and rcp RequestsTo enable the Cisco IOS software to receive incoming remote shell (rsh) protocol and remote copy (rcp) protocol requests, customers must configure an authentication database to control access to the router. This configuration is accomplished by using the ip rcmd remote-host command. Currently, when using this command, customers must specify the local user, the remote host, and the remote user in the database authentication configuration. For users who can execute commands to the router from multiple hosts, multiple database authentication configuration entries must be used, one for each host, as shown below. ip rcmd remote-host local-user1 remote-host1 remote-user1 ip rcmd remote-host local-user1 remote-host2 remote-user1 ip rcmd remote-host local-user1 remote-host3 remote-user1 ip rcmd remote-host local-user1 remote-host4 remote-user1 This feature allows customers to specify an access list for a given user. The access list identifies the hosts to which the user has access. A new argument, access-list, has been added that can be used with this command to specify the access list, as shown below.
ip rcmd remote-host local-user1 access-list remote-user1
To allow a user access to the hosts identified in the access list, first define the access list. If the access list is not already defined, access to the host will be denied. For information about defining an access list, refer to the Cisco IOS Security Configuration Guide . Supported Platforms
Additional ReferencesRelated DocumentsMIBsTechnical Assistance
Feature Information for ACL Authentication of Incoming rsh and rcp RequestsThe following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature. Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.
Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks. Third party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1005R) Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental. |
|||||||||||