RCMD is a service that NoTouch Center uses to execute small commands on the client. It's main benefit is that it allows to talk to a group of machines very fast, such as searching for new instances. We typically advise people to turn it off after the initial set up period as it does not provide the same security as for example SSH-based communication.
RCMD is controlled from within the "Services" parameters. On the client, there is the "RCMD" subsection.
- Start RCMD. This parameter governs if the system should start the service at all. "No setting" leaves control up to NoTouch Center.
- Allow unauthenticated commands (DANGEROUS). The default value is off. Normally, each client uses limited-time tokens. If activated, the client accepts unauthenticated commands. Why could somebody want this? Well, there are special needs, e.g. with customers doing their own scripts in an isolated environment.
- Allow to be controlled by new management console. The default value is "on", but it will be turned off as soon as a client is configured by NoTouch Center. That means a client can only associate once with a management console. If you want to take over machines from a new installation, you need to enable this parameter first (but then make sure it is turned off).
- List of allowed IP addresses. This allows to set an IP-based filter. We advise to not rely on that alone because of potential IP falsification ("spoofing").
Since RCMD is a communication going from NoTouch Center to the clients, it may not work for firewall reasons. Particularly if you run your clients behind a masquerading gateway (doing NAT), RCMD won't work. Don't worry, we have designed the system in a way that you can live without RCMD.