Thus spake gabriel rosenkoetter ("gr> ") sometime Yesterday...

gr> Note that ssh very puporsely takes the same arguments and can
gr> act-alike for rsh(1) (and kin), including the incredibly bone-headed
gr> "forgot the :"[2] on scp(1). So it can be a drop in replacement.

Um, not quite, for those of us who "grew up" being able to use /usr/hosts
as shorthands.  I have a workaround, but I don't think I should have had
to come up with one.

foo# mkdir /usr/hosts
foo# PATH=$PATH:/usr/hosts
foo# ln -s /usr/bin/ssh /usr/hosts/localhost
foo# localhost
Usage: localhost [options] host [command]
Options:
  -l user     Log in using this user name.
  -n          Redirect input from /dev/null.
  -F config   Config file (default: ~/.ssh/config).
  -A          Enable authentication agent forwarding.
  -a          Disable authentication agent forwarding (default).
  -k          Disable Kerberos ticket and AFS token forwarding.
  -X          Enable X11 connection forwarding.
  -x          Disable X11 connection forwarding (default).
  -i file     Identity for public key authentication (default: ~/.ssh/identity)
  -t          Tty; allocate a tty even if command is given.
  -T          Do not allocate a tty.
  -v          Verbose; display verbose debugging messages.
              Multiple -v increases verbosity.
  -V          Display version number only.
  -q          Quiet; don't display any warning messages.
  -f          Fork into background after authentication.
  -e char     Set escape character; ``none'' = disable (default: ~).
  -c cipher   Select encryption algorithm
  -m macs     Specify MAC algorithms for protocol version 2.
  -p port     Connect to this port.  Server must be on the same port.
  -L listen-port:host:port   Forward local port to remote address
  -R listen-port:host:port   Forward remote port to local address
              These cause localhost to listen for connections on a port, and
              forward them to the other side by connecting to host:port.
  -D port     Enable dynamic application-level port forwarding.
  -C          Enable compression.
  -N          Do not execute a shell or command.
  -g          Allow remote hosts to connect to forwarded ports.
  -1          Force protocol version 1.
  -2          Force protocol version 2.
  -4          Use IPv4 only.
  -6          Use IPv6 only.
  -o 'option' Process the option as if it was read from a configuration file.
  -s          Invoke command (mandatory) as SSH2 subsystem.
  -b addr     Local IP address.
foo#

gr> Kind of like how Postfix and exim have sendmail(1) dropins. And how
gr> LPRng and CUPS have lp{,r,q,rm}(1) dropins. So the real question is,
gr> "should we have an rwrapper", isn't it? ;^> (NO! Obviously not!
gr> SECSH isn't anywhere near the same protocol! Ah, but lpd
gr> replacements DO speak the same protocol, and some extra ones too!)

I have a problem, personally, with the bloat of CUPS.  But that's my
problem.

				--*greywolf;
--
NetBSD: the power to swerve (penguins, worse than cane toads).