2.1.3 Remove rsh-server

Information

The Berkeley rsh-server (rsh, rlogin, rcp) package contains legacy services that exchange credentials in clear-text.

Rationale:

These legacy service contain numerous security exposures and have been replaced with the more secure SSH package.

Solution

Run the following command to remove rsh-server:

# yum erase rsh-server

Default Value:

OS Default: Not Installed

See Also

https://workbench.cisecurity.org/files/3096

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-11, CSCv7|2.6

Plugin: Unix

Control ID: bc3f6c3c57d15cf22661432e1cbd59e68e3646c12737ea9185786bdb1e26cf38