Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version


This entry starts the kshell service when required. This is a kerberized remote shell service, which provides a higher degree of security over traditional rsh.


The kshell service offers a higher degree of security than traditional rsh services. However, it still does not use encrypted communications. The recommendation is to utilize SSH wherever possible instead of kshell.

If the kshell service is used, you should use the latest kerberos version available and must make sure that all the latest patches are installed.


In /etc/inetd.conf, comment out the kshell entry and refresh the inetd process:

chsubserver -r inetd -C /etc/inetd.conf -d -v 'kshell' -p tcp
lssrc -s inetd && refresh -s inetd

Default Value:


See Also