Skip to content

Uninstall rsh-server Package

An XCCDF Rule

Description

The rsh-server package can be removed with the following command:

$ sudo yum erase rsh-server

Rationale

The rsh-server service provides unencrypted remote access service which does not provide for the confidentiality and integrity of user passwords or the remote session and has very weak authentication. If a privileged user were to login using this service, the privileged user password could be compromised. The rsh-server package provides several obsolete and insecure network services. Removing it decreases the risk of those services' accidental (or intentional) activation.

ID
xccdf_org.ssgproject.content_rule_package_rsh-server_removed
Severity
High
References
Updated



Remediation - Anaconda Pre-Install Instructions


package --remove=rsh-server

Remediation - Ansible

- name: Ensure rsh-server is removed
  package:
    name: rsh-server
    state: absent
  tags:
  - NIST-800-53-CM-6(a)

Remediation - Puppet

include remove_rsh-server

class remove_rsh-server {
  package { 'rsh-server':
    ensure => 'purged',
  }

Remediation - Shell Script


# CAUTION: This remediation script will remove rsh-server
#	   from the system, and may remove any packages
#	   that depend on rsh-server. Execute this
#	   remediation AFTER testing on a non-production
#	   system!