world leader in high performance signal processing
Trace: » remote_shell

Remote Shells

Remote shell is commonly used in development environments for quickly running commands on the target or copying things from a development host to the target. It is used during the toolchain testing for running remote programs on the target.

Remote shell protocols are known to be insecure, and should not be deployed in a production environment. Remote shell protocols (rcp, rsh) uses “rhosts” authentication. This authentication scheme uses host-host trust. A user uses an “rhost” file to say that root@sysadmin_box can have root access on server. Host server checks the packets' source address to authenticate. It's well understood that rhosts authentication does not work well, and there are commonly understood (and used) exploits.

rsh

rsh stands for remote shell and allows you to execute non-interactive programs on another system. It executes the command on the other system and returns the program's standard output and standard error output.

The other system must be running a remote shell daemon (rshd) to handle the incoming rsh command.

The rsh command does not require you to enter a password for the other system.

rcp

rcp stands for remote copy and allows you to transfer files to and from another system over the network. It works like a “copy” command, where you specify a source and a destination, except that the source or destination of the copy can be the hostname or IP address of another system. It can also copy multiple files (using wildcards for example) and recursively copy entire directory trees.

The other system must be running a remote shell daemon (rshd) that supports rcp. Since it operates through the rshd, trust is established through host equivalency.

Example

usage: rcp [-p] f1 f2; or rcp [-rp] f1…fn directory

rcp file username@hostname:file
rcp username@hostname:file file

The first copies a file from the local machine to the remote machine.
The second copies a file from the remote host to the local host.
Full paths may be put into either file name. username may be omitted if it is the same on both system.

To copy a file from your Linux Development Host to the Blackfin Board use something like this:

your_host:~/>rcp uClinux-dist/romfs/bin/foo root@192.168.1.30:/bin

This will copy file foo into the /bin directory of the Blackfin Board with the IP-Addr: 192.168.1.30

Troubleshooting

If you have problems with rcp or rsh check the following:

  • Networking is configured properly .
  • Check if the inetd is running on the target:
    root:~> ps | grep inetd
      23 root        68 S  inetd
      40 root        516 R  grep inetd
    root:~>
  • On the target, check to make sure rshd is in the /etc/inetd.conf file:
    root:~> cat /etc/inetd.conf
    shell  stream tcp nowait root /bin/rshd
    ftp    stream tcp nowait root /bin/ftpd -l
    telnet  stream tcp nowait root /bin/telnetd
  • On the target, make sure that rshd is installed
    root:~> ls -l /bin/rshd
    -rwxr--r--    1 1000    100        54556 /bin/rshd
  • More recent rsh requires a file /root/.rhosts at the target with content ”+ +” in order to allow unlimited access by root user. Check this. Recent uclinux-dist generates this file for romfs. More info: http://www.mkssoftware.com/docs/man4/rhosts.4.asp.