On Mon, 2005-11-07 at 17:54, Tim Prendergast wrote: > Yes, it does... here's the rsh file in /etc/xinetd.d > > [root@]more /etc/xinetd.d/rsh > # default: on > # description: The rshd server is the server for the rcmd(3) routine and, \ > # consequently, for the rsh(1) program. The server provides \ > # remote execution facilities with authentication based on \ > # privileged port numbers from trusted hosts. > service shell > { > disable = no > socket_type = stream > wait = no > user = root > log_on_success += USERID > log_on_failure += USERID > server = /usr/sbin/in.rshd > cps = 1000 5 > } > > The oddity is that the other system also has the USERID entries. I removed > them just now to test, restarted xinetd.d, and ran the same 'time rsh > localhost uname -a' with the same results as before. This would indicate to > me that the IDENT request is taking nearly no time at all (0.001s difference > in the times with or without the log lines present). Yes IDENT is normally fast if it either completes or isn't running and you get an ICMP rejection. The thing that might have made it slow would be if you had a firewall dropping the packets so you'd get a timeout instead. Another thing that happens during a connection is a reverse DNS lookup to log the connecting host name and perhaps a check against hosts.allow and hosts.deny. How fast does your DNS respond? -- Les Mikesell lesmikesell@xxxxxxxxx