Operating System - HP-UX
1748031 Members
4936 Online
108757 Solutions
New Discussion юеВ

Re: remsh protocol to be used

 
SOLVED
Go to solution
zxcv
Super Advisor

remsh protocol to be used

Hi ,

 

we have app and db split setup.

In turn to take db backup we are using remsh in our backup scripts , i would like to know whether it is secured one from audit point of view and if not then which protocol or service i should go for ??

 

3 REPLIES 3
James R. Ferguson
Acclaimed Contributor
Solution

Re: remsh protocol to be used

Hi:

 

The "r-shell" utilities are hopelessly insecure and should be replaced with SSH (of which 'scp' and 'sftp' are a part).  Connection authentication and data exchange are encrypted when you use SSH.  This adds a bit of CPU overhead and makes file transfers a bit slower than using the cleartext counterparts like FTP, but is a *must* in today's world.

 

Syntatically, changing from 'remsh' to 'ssh' is a virtual no-brainer.

 

Regards!

 

...JRF...

Doug O'Leary
Honored Contributor

Re: remsh protocol to be used

Hey;

 

To reiterate for emphasis, No, the UNIX r-commands *are not* secure from an audit perspective or any other.  All the network traffic is in the clear and there is little or no authentication.  As stated, you need to use secure shell (ssh) in place of any/all of the unix-r commands as well as telnet and ftp.

 

Check out the users' guide at http://www.olearycomputers.com/ll/ssh_guide.html for instructions on how to use ssh up to and including publick key authentication which you'll need in order to secure your back up scripts.

 

Hope that helps.  Post additional questions if and as needed.

 

Doug O"Leary


------
Senior UNIX Admin
O'Leary Computers Inc
linkedin: http://www.linkedin.com/dkoleary
Resume: http://www.olearycomputers.com/resume.html
zxcv
Super Advisor

Re: remsh protocol to be used

Thanks Doug .