In an effort to adapt to best security practices, it has been suggested that a number of scripts that are going to be distributed to multiple machines across an internal network use be modified to replace instances of rsh and rcp with openSSH ssh and scp. Since there are so many references to rsh and rcp in the existing scripts, it was proposed that rather than edit all of the script files, we just alias rsh with ssh and rcp with scp, then disable use of rsh and rcp. This doesn't really sit right with me but I need more than that to justify why the actual files should be edited. Being sort of new to Unix I can't really come up with a valid reason why this solution isn't a good idea. Any thoughts? Am I just being naive and this solution is just as good as manually going in and editing the scripts? Thanks for your help.

Since there are so many references to rsh and rcp in the existing scripts, it was proposed that rather than edit all of the script files, we just alias rsh with ssh and rcp with scp, then disable use of rsh and rcp. This doesn't really sit right with me but I need more than that to justify why the actual files should be edited.

Above is the fastest way to achieve your objective. However, if you really need to edit the actual files, man-days effort will be needed.

I don't understand why you want to edit those files directly unless you want a "clean" solution ? What happen if in future in place of ssh you want another say abc then you need to go all over again to edit all those files ?

Editing the files should be pretty simple. Just a sed script ought to do the trick. What I really want is a good solid justification why creating aliases as a quick and dirty way to solve the problem is a bad idea.