Skip to content

Uninstall rsh Package

An XCCDF Rule

Description

The rsh package contains the client commands for the rsh services

Rationale

These legacy clients contain numerous security exposures and have been replaced with the more secure SSH package. Even if the server is removed, it is best to ensure the clients are also removed to prevent users from inadvertently attempting to use these commands and therefore exposing their credentials. Note that removing the rsh package removes the clients for rsh,rcp, and rlogin.

ID
xccdf_org.ssgproject.content_rule_package_rsh_removed
Severity
Unknown
References
Updated



Remediation - Puppet

include remove_rsh

class remove_rsh {
  package { 'rsh':
    ensure => 'purged',
  }

Remediation - Shell Script


# CAUTION: This remediation script will remove rsh
#	   from the system, and may remove any packages
#	   that depend on rsh. Execute this
#	   remediation AFTER testing on a non-production
#	   system!

Remediation - Ansible

- name: Ensure rsh is removed
  package:
    name: rsh
    state: absent
  tags:
  - NIST-800-171-3.1.13